SUSE SLED15 / SLES15 Security Update : grpc (SUSE-SU-2026:0840-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0840-1 advisory. This update for grpc fixes the following issue: - CVE-2023-33953: unbounded memory and CPU consumption in the HPACK...

Security update for grpc

This update for grpc fixes the following issue: CVE-2023-33953: unbounded memory and CPU consumption in the HPACK parser leads to remote DoS bsc1214148. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2026:0840-1 Security update for grpc

This update for grpc fixes the following issue: - CVE-2023-33953: unbounded memory and CPU consumption in the HPACK parser leads to remote DoS bsc1214148...

EUVD-2023-2204

Malicious code in bioql PyPI...

Expected Behavior Violation

Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the HPackParser function when the gRPC client is communicating with an HTTP/2 proxy, allowing the attacker to poison the HPACK table. By manipulating the header encoding and poisoning the HPACK table...

Expected Behavior Violation

Overview Affected versions of this package are vulnerable to Expected Behavior Violation via the HPackParser function when the gRPC client is communicating with an HTTP/2 proxy, allowing the attacker to poison the HPACK table. By manipulating the header encoding and poisoning the HPACK table...

Huawei EulerOS: Security Advisory for grpc (EulerOS-SA-2024-1083)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

gRPC is vulnerable to Denial Of Service DoS. The vulnerability exists because the file descriptor is not properly handled, which leads to the termination of the connection between a proxy and a backend when a hpack table accounting errors occur, allowing an attacker to cause an application crash ...

CVE-2023-33953

A flaw was found in the gRPC lib. This vulnerability allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. This issue leads to Unbounded memory buffering in the HPACK parser and Unbounded CPU consumption in the HPACK parser...

AZL-27911 CVE-2023-33953 affecting package grpc 1.42.0-11

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

Excessive Iteration in gRPC

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

grpc: Global-buffer-overflow in grpc_chttp2_hptbl_add

Project: https://github.com/grpc/grpc.git Detailed report: https://oss-fuzz.com/testcase?key=6354411624333312 Project: grpc Fuzzer: libFuzzergrpchpackparserfuzzertest Fuzz target binary: hpackparserfuzzertest Job Type: libfuzzerasangrpc Platform Id: linux Crash Type: Global-buffer-overflow READ 8...