Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-1428HistoryJun 09, 2023 - 11:15 a.m.
CVE-2023-1428
2023-06-0911:15:09
Debian Security Bug Tracker
security-tracker.debian.org
9
There exists an vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC’s C++ implementation to abort() when called via http2: te: x (x != trailers) :scheme: x (x != http, https) grpclb_client_stats: x (x == anything) On top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commit 2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | grpc | < 1.51.1-3 | grpc_1.51.1-3_all.deb |
| Debian | 11 | all | grpc | < 1.30.2-3 | grpc_1.30.2-3_all.deb |
| Debian | 10 | all | grpc | < 1.16.1-1 | grpc_1.16.1-1_all.deb |
| Debian | 999 | all | grpc | < 1.51.1-4.1 | grpc_1.51.1-4.1_all.deb |
| Debian | 13 | all | grpc | < 1.51.1-4.1 | grpc_1.51.1-4.1_all.deb |
Related
github
github
gRPC Reachable Assertion issue
2023-07-06 21:15:08
osv
osv
CVE-2023-1428
2023-06-09 11:15:09
gRPC Reachable Assertion issue
2023-07-06 21:15:08
cgr
cgr
CVE-2023-1428 vulnerabilities
2024-05-18 09:07:38
cve
cve
CVE-2023-1428
2023-06-09 11:15:09
cvelist
cvelist
CVE-2023-1428 Denial-of-Service in gRPC
2023-06-09 10:46:54
ubuntucve
ubuntucve
CVE-2023-1428
2023-06-09 00:00:00
wolfi
wolfi
CVE-2023-1428 vulnerabilities
2024-05-18 09:07:35
redhatcve
redhatcve
CVE-2023-1428
2023-06-13 06:35:32
veracode
veracode
Denial Of Service (DoS)
2023-07-13 07:39:05
prion
prion
Code injection
2023-06-09 11:15:00
