16 matches found
EUVD-2023-1664
Malicious code in bioql PyPI...
EUVD-2023-1886
Malicious code in bioql PyPI...
EUVD-2023-1873
Malicious code in bioql PyPI...
CVE-2021-36154
HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption...
CVE-2021-36153
Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests...
GHSA-RXMJ-HG9V-VP3P Uncontrolled Resource Consumption in LengthPrefixedMessageReader
Impact Affected gRPC Swift clients and servers are vulnerable to uncontrolled resource consumption attacks. Excessive memory may be allocated when parsing messages. This can lead to a denial of service. Patches The problem has been fixed in 1.2.0. Workarounds No workaround is available. Users mus...
Uncontrolled Resource Consumption in LengthPrefixedMessageReader
Affected gRPC Swift clients and servers are vulnerable to uncontrolled resource consumption attacks. Excessive memory may be allocated when parsing messages. This can lead to a denial of service...
Denial of Service (DoS)
Overview grpc/grpc-swift is a Swift language implementation of gRPC. Affected versions of this package are vulnerable to Denial of Service DoS. Excessive memory may be allocated when parsing messages. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...
gRPC Swift Resource Management Error Vulnerability
gRPC Swift is the open source Swift language implementation of gRPC, which includes a gRPC Swift API and code generator. The API and generated code are provided for gRPC clients and servers and can be built using Xcode or the Swift Package Manager. gRPC Swift contains a security vulnerability...
CVE-2021-36154
HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption...
CVE-2021-36154
HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption...
CVE-2021-36153
Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests...
CVE-2021-36153
Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests...
CVE-2021-36154
HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption...
CVE-2021-36154
CVE-2021-36154 affects gRPC Swift up to version 1.1.1, where HTTP2ToRawGRPCServerCodec can mishandle multiple small messages in a single HTTP/2 frame, causing uncontrolled recursion and denial of service. Public advisories (GHSA-4RHQ-VQ24-88GW and OSV/Red Hat entries) confirm the issue and state ...
PT-2021-21142 · Unknown · Grpc Swift
Name of the Vulnerable Software and Affected Versions: gRPC Swift versions 1.1.1 and earlier Description: The issue allows remote attackers to cause a denial of service via the delivery of many small messages within a single HTTP/2 frame, leading to uncontrolled recursion and stack consumption...