CVE-2023-44487 affecting package grpc for versions less than 1.42.0-7

CVE-2023-44487 affecting package grpc for versions less than 1.42.0-7. A patched version of the package is...Read More ...

Continue Reading

15 декабря, 2023

HTTP/2 Stream Cancellation Attack

google.golang.org/grpc is vulnerable to HTTP/2 Stream Cancellation Attack. The vulnerability exists because the library does not enforce the limit of concurrently running handlers set by MaxConcurrent ...

Continue Reading

15 декабря, 2023

CVE-2018-25032 affecting package grpc for versions less than 1.35.0-4

CVE-2018-25032 affecting package grpc for versions less than 1.35.0-4. A patched version of the package is...Read More ...

Continue Reading

15 декабря, 2023

Code injection

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net. ...

Continue Reading

15 декабря, 2023

Exploit for Uncontrolled Resource Consumption in Ietf Http

# Golang CVE-2023-44487 testing This repository contains testin...Read More ...

Continue Reading

15 декабря, 2023

CVE-2022-1941 affecting package grpc 1.35.0-9

CVE-2022-1941 affecting package grpc 1.35.0-9. No patch is available...Read More ...

Continue Reading

15 декабря, 2023

CVE-2023-47108

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `n ...

Continue Reading

15 декабря, 2023

denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc

An attacker can send HTTP/2 requests, cancel them, and send subsequent requests. This is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than ...

Continue Reading

15 декабря, 2023

1 81 82 83 84 85 122

Back to Main
Subscribe for the latest news: