57 matches found
EulerOS 2.0 SP11 : grpc (EulerOS-SA-2023-3007)
According to the versions of the grpc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exception...
EulerOS 2.0 SP10 : grpc (EulerOS-SA-2024-1083)
According to the versions of the grpc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exception...
EulerOS 2.0 SP10 : grpc (EulerOS-SA-2024-1059)
According to the versions of the grpc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exception...
Huawei EulerOS: Security Advisory for grpc (EulerOS-SA-2023-3007)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Excessive Iteration in gRPC
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...
CVE-2023-33953
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...
AZL-34770 CVE-2023-33953 affecting package grpc for versions less than 1.62.0-2
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...
CVE-2023-33953
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...
UBUNTU-CVE-2023-33953
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...
CVE-2023-33953 Denial-of-Service in gRPC
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...
CVE-2023-33953
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...
CVE-2023-33953
CVE-2023-33953 concerns the gRPC HPACK parser. Multiple vectors cause denial-of-service via: (1) unbounded memory buffering due to header size checks behind string reads, (2) unbounded CPU due to per-input-block memory copies creating an 0(n^2) parsing loop, (3) HPACK varints that can start with ...
PT-2023-24594
Name of the Vulnerable Software and Affected Versions gRPC affected versions not specified Description The issue allows hpack table accounting errors, which could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS...
netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service...
UBUNTU-CVE-2021-28714
Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...
March 23, 2018—KB4088881 (Preview of Monthly Rollup)
March 23, 2018—KB4088881 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4088875 released March 13, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Improves...
USN-2639-1 openssl vulnerabilities
Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8176 Joseph...