google.golang.org/grpc is vulnerable to HTTP/2 Stream Cancellation Attack. The vulnerability exists because the library does not enforce the limit of concurrently running handlers set by MaxConcurrent ...
Continue Reading15 декабря, 2023
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8570e0055b advisory. gRPC contains a vulnerability whereby a client can cause a ...
Continue Reading15 декабря, 2023
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net. ...
Continue Reading15 декабря, 2023
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-344 advisory. - Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, ...
Continue Reading15 декабря, 2023
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. **Rec ...
Continue Reading15 декабря, 2023
CVE-2022-1941 affecting package grpc 1.42.0-7. This CVE either no longer is or was never...Read More ...
Continue Reading15 декабря, 2023
Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized too ...
Continue Reading15 декабря, 2023
grpc is vulnerable to Denial Of Service. The vulnerability is due to improper error handling in TCP server which allows an attacker to initiate number of concurrent connections with the server leading ...
Continue Reading15 декабря, 2023
Back to Main