gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url
Metrics
Affected Vendors & Products
References
History
Thu, 26 Sep 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Google
Published: 2023-06-09T10:48:15.075Z
Updated: 2024-09-26T19:03:12.183Z
Reserved: 2023-05-12T08:58:54.033Z
Link: CVE-2023-32732
Vulnrichment
Updated: 2024-08-02T15:25:36.637Z
NVD
Status : Modified
Published: 2023-06-09T11:15:09.377
Modified: 2024-11-21T08:03:55.950
Link: CVE-2023-32732
Redhat