Security Bulletin: Vulnerability in gRPC-Go bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage
Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the gRPC-Go library, which is vulnerable to an authorization bypass. This issue is caused by improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server incorrectly accepted requests where the...