Linux Distros Unpatched Vulnerability : CVE-2024-7246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed...

SUSE: Security Advisory (SUSE-SU-2024:4401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-7246 affecting package grpc for versions less than 1.62.3-1

CVE-2024-7246 affecting package grpc for versions less than 1.62.3-1. An upgraded version of the package is available that resolves this issue...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in gRPC

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of gRPC Vulnerability Details CVEID:CVE-2024-7246 DESCRIPTION: Google gRPC is vulnerable to a denial of service, caused by HPACK table poisoning between the proxy and the backend. By sending a specially crafted...

openSUSE Security Advisory (SUSE-SU-2024:4436-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15: grpc-devel / grpc-source / libgrpc++1_60 / libgrpc1_60 / libgrpc37 / etc (SUSE-SU-2024:4436-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4436-1 advisory. - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy...

SUSE-SU-2024:4436-1 Security update for grpc

This update for grpc fixes the following issues: - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821...

openSUSE: Security Advisory for python (SUSE-SU-2024:4428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:4429-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for python-grpcio

This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...

SUSE-SU-2024:4429-1 Security update for python-grpcio

This update for python-grpcio fixes the following issues: - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919...

openSUSE Security Advisory (SUSE-SU-2024:4401-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for grpc (SUSE-SU-2024:4400-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:4393-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15: grpc-devel / grpc-source / libgrpc++1_60 / libgrpc1_60 / libgrpc37 / etc (SUSE-SU-2024:4401-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4401-1 advisory. - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy...

Medium: grpc

Issue Overview: It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occu...

RHEL 8 / 9 : Satellite 6.16.0 (Critical) (RHSA-2024:8906)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8906 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...

Critical: Red Hat Security Advisory: Satellite 6.16.0 release

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Photon OS 5.0: Grpc PHSA-2024-5.0-0351

An update of the grpc package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0351. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE CVE-2024-7246

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the...