Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

gRPC Security Vulnerabilities

🗓️ 10 Jun 2024 00:00:00Reported by China National Vulnerability Database of Information SecurityType 
cnnvd
 cnnvd🔗 www.cnnvd.org.cn👁 1 Views

Security flaw in rpc framework before versions 1.10.9, 1.9.15, and 1.8.22 allows memory overallocation.

Related
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Vulnerabilities in Node.js and packages affect IBM Voice Gateway
17 Sep 202421:51
ibm
IBM Security Bulletins		Security Bulletin: IBM Maximo Application Suite uses grpc-js-1.8.21.tgz which is vulnerable to CVE-2024-37168
28 Jan 202522:08
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.17 and earlier
4 Jul 202415:28
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge
6 Jan 202605:54
ibm
IBM Security Bulletins		Security Bulletin: IBM App Connect Enterprise is vulnerable to a local authenticated attack and denial of service due to Microsoft Azure Identity Libraries and Microsoft Authentication Library and gRPC on Node.js (CVE-2024-35255, CVE-2024-37168)
22 Jul 202415:06
ibm
IBM Security Bulletins		Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
15 Apr 202503:03
ibm
IBM Security Bulletins		Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service [CVE-2024-37168] [CVE-2024-34890]
23 Aug 202410:03
ibm
IBM Security Bulletins		Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
14 Aug 202409:31
ibm
IBM Security Bulletins		Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to denial of service vulnerability in gRPC on Node.js [CVE-2024-37168]
28 Jan 202522:08
ibm
IBM Security Bulletins		Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in grpc-js-1.7.3.tgz
22 Oct 202511:23
ibm
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
30 Dec 2025 00:00Current
6.8Medium risk
Vulners AI Score6.8
CVSS 3.15.3
EPSS0.00283
SSVC
rpc frameworkmemory overallocationvulnerable versionsversion 1.10.9version 1.9.15version 1.8.22
1