grpc is vulnerable to Denial of Service (DoS). The vulnerability exists due to improper header validation, which allows an attacker to send headers such as `te: x` (x != trailers), `scheme: x` (x != http, https), and `grpclb_client_stats: x` (x == anything) with a total header size over 8 KB, resulting in an application crash.
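A header-block check that flags the three malformed patterns named above and reports whether the second condition (total size over 8 KB) also holds, as an added example for a proxy, WAF or log-review hook in front of an unpatched server; it is not code from the advisory or from gRPC. It assumes headers arrive as decoded (name, value) pairs, counts the 8 KB limit as the byte length of all names and values, and treats `scheme` and the HTTP/2 `:scheme` pseudo-header as the same field.

```python
from typing import Callable, Dict, Iterable, List, Tuple

# The advisory's 8 KB threshold. Assumption: measured as the byte length of all
# header names and values in the block (the exact accounting is not on the page).
HEADER_SIZE_LIMIT = 8 * 1024

# Header values the advisory lists as the trigger, keyed by normalized name.
# Each predicate returns True when the value is one an unpatched server rejects.
TRIGGERS: Dict[str, Callable[[str], bool]] = {
    "te": lambda v: v != "trailers",
    "scheme": lambda v: v not in ("http", "https"),  # also matches ':scheme'
    "grpclb_client_stats": lambda v: True,           # any value at all
}


def header_block_size(headers: Iterable[Tuple[str, str]]) -> int:
    """Byte size of a decoded header block (names plus values)."""
    return sum(len(n.encode("utf-8")) + len(v.encode("utf-8")) for n, v in headers)


def find_crash_triggers(headers: Iterable[Tuple[str, str]]) -> Tuple[List[str], bool]:
    """Return (malformed-header findings, crash_likely).

    crash_likely is True only when both conditions from the advisory hold:
    at least one malformed header is present AND the block exceeds 8 KB.
    """
    headers = list(headers)
    findings: List[str] = []
    for name, value in headers:
        key = name.lower().lstrip(":")  # HTTP/2 names are lowercase; ':scheme' -> 'scheme'
        check = TRIGGERS.get(key)
        if check is not None and check(value):
            findings.append(f"{name}: {value[:40]!r}")
    oversized = header_block_size(headers) > HEADER_SIZE_LIMIT
    return findings, bool(findings) and oversized


# Constructed sample header blocks, not captured traffic.
BENIGN = [(":method", "POST"), (":scheme", "https"), (":path", "/pkg.Svc/Call"),
          ("te", "trailers"), ("content-type", "application/grpc")]
# One bad 'te' value plus a padding header that pushes the block past 8 KB.
MALICIOUS = [(":method", "POST"), (":scheme", "https"), ("te", "x"),
             ("x-padding", "A" * 9000)]

if __name__ == "__main__":
    for label, block in (("benign", BENIGN), ("malicious", MALICIOUS)):
        findings, crash = find_crash_triggers(block)
        print(f"{label}: findings={findings} crash_likely={crash}")
```

A malformed header without the size condition is still reported as a finding, since it is invalid on its own; only the boolean says whether the advisory's crash condition is met.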
| CPE | Name | Operator | Version |
|---|---|---|---|
| | grpcio | le | 1.52.0 |
| | grpc | le | 1.52.2 |
| | grpc.net.client | le | 2.51.0 |
| | grpc.net.client.web | le | 2.51.0 |
| | io.grpc:grpc-xds | le | 1.52.1 |
| | grpc | le | 1.52.0 |
| | libgrpc.so | le | 30.0.0 |
github.com/advisories/GHSA-6628-q6j9-w8vg
github.com/grpc/grpc-dotnet/commit/96ea3836b4f0534e844513c49c63a00c395a20fd
github.com/grpc/grpc-java/commit/d07ecbe037d2705a1c9f4b6345581f860e505b56
github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8
github.com/grpc/grpc/commit/7a1412fa12e3ad4735890815b4dd4936c595a345