GO-2024-2978 Private tokens could appear in logs if context containing gRPC metadata is logged in google.golang.org/grpc

If applications print or log a context containing gRPC metadata, the output will contain all the metadata, which may include private information. This represents a potential PII concern...

GHSA-XR7Q-JX4M-X55M Private tokens could appear in logs if context containing gRPC metadata is logged in github.com/grpc/grpc-go

Impact This issue represents a potential PII concern. If applications were printing or logging a context containing gRPC metadata, the affected versions will contain all the metadata, which may include private information. Patches The issue first appeared in 1.64.0 and is patched in 1.64.1 and...

Private tokens could appear in logs if context containing gRPC metadata is logged in github.com/grpc/grpc-go

Impact This issue represents a potential PII concern. If applications were printing or logging a context containing gRPC metadata, the affected versions will contain all the metadata, which may include private information. Patches The issue first appeared in 1.64.0 and is patched in 1.64.1 and...

Excessive Iteration in gRPC

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...