3 matches found
SUSE CVE-2023-33953
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...
Medium: cri-tools
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
PT-2023-24594
Name of the Vulnerable Software and Affected Versions gRPC affected versions not specified Description The issue allows hpack table accounting errors, which could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS...