10 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-32731
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be...
Important: Red Hat Security Advisory: rhc-worker-playbook security update
An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Security Bulletin: IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436
Summary IBM Asset Data Dictionary Component uses grpc-protobuf-1.50.2.jar and jettison-1.5.2.jar which is vulnerable to CVE-2023-32731 and CVE-2023-1436. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC...
openSUSE Security Advisory (SUSE-SU-2024:0573-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
BELL-CVE-2023-32731
Bulletin has no description...
Security Bulletin: gRPC component is vulnerable to CVE-2023-32731 is used by IBM Maximo Application Suite
Summary IBM Maximo Application Suite uses gRPC package which is vulnerable to CVE-2023-32731. Vulnerability Details CVEID:CVE-2023-32731 DESCRIPTION: gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By...
Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.11 and earlier
Summary This fix upgrades to grpc 1.55.1, jersey 2.39.1, jackson 2.15.2, and socket.io 4.6.2. Vulnerability Details CVEID:CVE-2023-31125 DESCRIPTION: Engine.IO is vulnerable to a denial of service, caused by an uncaught exception. By sending a specially crafted HTTP request, a remote authenticate...
CVE-2023-32731 vulnerabilities
Vulnerabilities for packages: wavefront-proxy...
CVE-2023-32731 vulnerabilities
Vulnerabilities for packages: wavefront-proxy...
CVE-2023-32731
CVE-2023-32731 involves a vulnerability in the gRPC HTTP/2 HPACK handling. When the HPACK header size exceeded error is raised, the stack skips parsing the remainder of the HPACK frame, causing HPACK table mutations to be ignored and desynchronizing the HPACK tables between sender and receiver. T...