Lucene search
K

11 matches found

SUSE Linux
SUSE Linux
added 2024/12/30 1:23 p.m.2 views

Security update for grpc

This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...

6.9CVSS6.8AI score0.00576EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2024/12/28 12:0 a.m.16 views

openSUSE: Security Advisory for python (SUSE-SU-2024:4428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.00576EPSS
Exploits1References2
SUSE Linux
SUSE Linux
added 2024/12/27 10:16 a.m.4 views

Security update for python-grpcio

This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...

6.9CVSS6.8AI score0.00576EPSS
Exploits1References8
SUSE Linux
SUSE Linux
added 2024/12/20 3:28 p.m.0 views

Security update for grpc

This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...

6.9CVSS6.8AI score0.00576EPSS
Exploits1References8
SUSE Linux
SUSE Linux
added 2024/12/20 3:27 p.m.0 views

Security update for grpc

This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...

6.9CVSS6.8AI score0.00576EPSS
Exploits1References8
SUSE Linux
SUSE Linux
added 2024/12/20 10:24 a.m.1 views

Security update for python-grpcio

This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...

6.9CVSS6.8AI score0.00576EPSS
Exploits1References8
Amazon
Amazon
added 2024/12/12 12:0 a.m.13 views

Medium: grpc

Issue Overview: It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occu...

6.3CVSS7.1AI score0.00224EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2024/11/05 5:49 p.m.3 views

grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend

A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent...

6.3CVSS5.7AI score0.00224EPSS
Exploits1References5
OSV
OSV
added 2024/08/30 11:8 a.m.3 views

OESA-2024-2064 grpc security update

gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It is also applicable in last mile of distributed...

6.3CVSS6.8AI score0.00224EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2024/08/07 2:55 a.m.2 views

SUSE CVE-2024-7246

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the...

5.8CVSS6.8AI score0.00224EPSS
Exploits1References9
OSV
OSV
added 2024/08/06 11:16 a.m.6 views

AZL-47442 CVE-2024-7246 affecting package grpc for versions less than 1.62.3-1

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the...

6.3CVSS6.6AI score0.00224EPSS
Exploits1References1
Rows per page
Query Builder