3 matches found
Security Bulletin: IBM Security Verify Information Queue uses a Google gRPC framework with multiple vulnerabilities (CVE-2017-7860, CVE-2017-7861, CVE-2017-9431)
Summary The connect image in IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the Google RPC gRPC framework that is vulnerable to denial of service and buffer overflow attacks. ISIQ v10.0.3 upgraded its connect image to include a newer gRPC level that remediates the...
DEBIAN-CVE-2017-7860
Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parseunix function in core/ext/clientchannel/parseaddress.c...
CVE-2017-7860
CVE-2017-7860 : Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow in parse_unix (core/ext/client_channel/parse_address.c). Connected sources describe it as a heap-based overflow that could impact availability, integrity, and confidentiality (NVD CVSS3...