11 matches found
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
openSUSE: Security Advisory for python (SUSE-SU-2024:4428-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for python-grpcio
This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
Security update for grpc
This update for grpc fixes the following issues: CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 Patch Instructions: To install this SUSE update use the SUSE...
Security update for python-grpcio
This update for python-grpcio fixes the following issues: CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 Patch Instructions: To install this SUSE update use t...
Medium: grpc
Issue Overview: It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occu...
grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend
A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent...
OESA-2024-2064 grpc security update
gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It is also applicable in last mile of distributed...
SUSE CVE-2024-7246
It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the...
AZL-47442 CVE-2024-7246 affecting package grpc for versions less than 1.62.3-1
It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the...