3 matches found
Security Bulletin: IBM Security Verify Information Queue uses a Google gRPC framework with multiple vulnerabilities (CVE-2017-7860, CVE-2017-7861, CVE-2017-9431)
Summary The connect image in IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the Google RPC gRPC framework that is vulnerable to denial of service and buffer overflow attacks. ISIQ v10.0.3 upgraded its connect image to include a newer gRPC level that remediates the...
CVE-2017-9431
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c...
CVE-2017-9431
CVE-2017-9431 concerns Google gRPC before 2017-04-05, with an out-of-bounds write caused by a heap-based buffer overflow in core/lib/iomgr/error.c. Multiple connected sources (NVD entry and vendor advisories) confirm a heap-based write condition and indicate high impact potential, including the p...