35 matches found
Security update for ignition
This update for ignition fixes the following issue: CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260251 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
EUVD-2017-16836
Malware in sbrugna...
EUVD-2017-16835
Malware in sbrugna...
EUVD-2017-18366
Malware in sbrugna...
EUVD-2017-0058
Malware in sbrugna...
EUVD-2023-2551
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-7860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parseunix function in...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to denial of service in Google gRPC [CVE-2023-4785]
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to denial of service in Google gRPC, caused by a lack of error handling in the TCP server on posix-compatible platforms CVE-2023-4785. Google gRPC is used in our Speech Services runtimes. This vulnerabilitiy has...
Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.13 and earlier
Summary This fix upgrades to node 18.18.0 and grpc 1.58.0. Vulnerability Details CVEID:CVE-2023-4785 DESCRIPTION: Google gRPC is vulnerable to a denial of service, caused by a lack of error handling in the TCP server on posix-compatible platforms. By initiating a significant number of connections...
CVE-2023-4785
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms ex. Linux allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Jav...
PT-2023-24594
Name of the Vulnerable Software and Affected Versions gRPC affected versions not specified Description The issue allows hpack table accounting errors, which could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS...
SUSE CVE-2017-9431
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c...
Security Bulletin: IBM Security Verify Information Queue uses a Google gRPC framework with multiple vulnerabilities (CVE-2017-7860, CVE-2017-7861, CVE-2017-9431)
Summary The connect image in IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the Google RPC gRPC framework that is vulnerable to denial of service and buffer overflow attacks. ISIQ v10.0.3 upgraded its connect image to include a newer gRPC level that remediates the...
CVE-2017-9431
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c...
Heap overflow
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c...
CVE-2017-9431
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c...
CVE-2017-9431
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c...
CVE-2017-9431
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c...
CVE-2017-8359
Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpccalldestroy function in core/lib/surface/call.c...
CVE-2017-8359
Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpccalldestroy function in core/lib/surface/call.c...