15 matches found
SUSE: Security Advisory (SUSE-SU-2024:4401-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:4436-1 Security update for grpc
This update for grpc fixes the following issues: - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821...
SUSE SLES15 Security Update : python-grpcio (SUSE-SU-2024:4428-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4428-1 advisory. - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-grpcio (SUSE-SU-2024:4429-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4429-1 advisory. - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 -...
SUSE-SU-2024:4429-1 Security update for python-grpcio
This update for python-grpcio fixes the following issues: - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919...
SUSE-SU-2024:4428-1 Security update for python-grpcio
This update for python-grpcio fixes the following issues: - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919...
SUSE SLES15 / openSUSE 15 Security Update : python-grpcio (SUSE-SU-2024:4393-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4393-1 advisory. - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table...
openSUSE Security Advisory (SUSE-SU-2024:4393-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:4401-1 Security update for grpc
This update for grpc fixes the following issues: - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821...
SUSE-SU-2024:4400-1 Security update for grpc
This update for grpc fixes the following issues: - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919 - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821...
SUSE-SU-2024:4393-1 Security update for python-grpcio
This update for python-grpcio fixes the following issues: - CVE-2024-11407: data corruption on servers with transmit zero copy enabled. bsc1233821 - CVE-2024-7246: HPACK table poisoning by gRPC clients communicating with a HTTP/2 proxy. bsc1228919...
DEBIAN-CVE-2024-7246
It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the...
Expected Behavior Violation
Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the HPackParser function when the gRPC client is communicating with an HTTP/2 proxy, allowing the attacker to poison the HPACK table. By manipulating the header encoding and poisoning the HPACK table...
Expected Behavior Violation
Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the HPackParser function when the gRPC client is communicating with an HTTP/2 proxy, allowing the attacker to poison the HPACK table. By manipulating the header encoding and poisoning the HPACK table...
PT-2024-38206 · Grpc +2 · Grpc +2
Name of the Vulnerable Software and Affected Versions: gRPC versions prior to 1.58.3 gRPC versions prior to 1.59.5 gRPC versions prior to 1.60.2 gRPC versions prior to 1.61.3 gRPC versions prior to 1.62.3 gRPC versions prior to 1.63.2 gRPC versions prior to 1.64.3 gRPC versions prior to 1.65.4...