You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in grpc/grpc#32309https://www.google.com/url
Cross references:
No existing reports found with this module or alias.
See doc/triage.md for instructions on how to triage this report.
modules:
- module: github.com/grpc/grpc
packages:
- package: gRPC
description: "gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url \n\n"
cves:
- CVE-2023-32732
references:
- fix: https://github.com/grpc/grpc/pull/32309
The text was updated successfully, but these errors were encountered:
CVE-2023-32732 references github.com/grpc/grpc, which may be a Go module.
Description:
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for
-bin
suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in grpc/grpc#32309 https://www.google.com/urlReferences:
Cross references:
No existing reports found with this module or alias.
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: