CVE-2023-44487 affecting package grpc for versions less than 1.42.0-7. A patched version of the package is...Read More ...
Continue Reading15 декабря, 2023
google.golang.org/grpc is vulnerable to HTTP/2 Stream Cancellation Attack. The vulnerability exists because the library does not enforce the limit of concurrently running handlers set by MaxConcurrent ...
Continue Reading15 декабря, 2023
CVE-2018-25032 affecting package grpc for versions less than 1.35.0-4. A patched version of the package is...Read More ...
Continue Reading15 декабря, 2023
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net. ...
Continue Reading15 декабря, 2023
# Golang CVE-2023-44487 testing This repository contains testin...Read More ...
Continue Reading15 декабря, 2023
CVE-2022-1941 affecting package grpc 1.35.0-9. No patch is available...Read More ...
Continue Reading15 декабря, 2023
OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `n ...
Continue Reading15 декабря, 2023
An attacker can send HTTP/2 requests, cancel them, and send subsequent requests. This is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than ...
Continue Reading15 декабря, 2023
Back to Main