OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net. ...
Continue ReadingDecember 15, 2023
CVE-2023-44487 affecting package grpc for versions less than 1.42.0-7. A patched version of the package is...Read More ...
Continue ReadingDecember 15, 2023
### Impact In affected releases of gRPC-Go, it is possible for an attacker to send HTTP/2 requests, cancel them, and send subsequent requests, which is valid by the HTTP/2 protocol, but would cause th ...
Continue ReadingDecember 15, 2023
swift-nio-http2 is vulnerable to a denial-of-service vulnerability in which a malicious client can create and then reset a large number of HTTP/2 streams in a short period of time. This causes swift-n ...
Continue ReadingDecember 15, 2023
Hi, Spring fans! Welcome to another installment of _This Week in Spring_ - **Java 21 edition**! The big news, indeed, the _biggest_ news, is that Java 21 is now available here! You should use [SDKMAN] ...
Continue ReadingDecember 15, 2023
## Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of gRPC. ## Vulnerability Details ** CVEID: **[CVE-2023-33953]() ** DESCRIPTION: **gRPC is vulnerable ...
Continue ReadingDecember 15, 2023
An attacker can send HTTP/2 requests, cancel them, and send subsequent requests. This is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than ...
Continue ReadingDecember 15, 2023
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `n ...
Continue ReadingDecember 15, 2023
Back to Main