Metrics
Affected Vendors & Products
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Wed, 02 Oct 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Hyperium
Hyperium tonic |
|
CPEs | cpe:2.3:a:hyperium:tonic:*:*:*:*:*:*:*:* | |
Vendors & Products |
Hyperium
Hyperium tonic |
|
Metrics |
cvssV3_1
|
ssvc
|
Wed, 02 Oct 2024 01:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Tue, 01 Oct 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Tonic is a native gRPC client & server implementation with async/await support. When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a TCP/TLS stream. This can be triggered by causing the accept call to error out with errors that were not covered correctly causing the accept loop to exit. Upgrading to tonic 0.12.3 and above contains the fix. | |
Title | Remotely exploitable DoS in Tonic `<=v0.12.2` | |
Weaknesses | CWE-755 | |
References |
| |
Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-10-01T20:13:55.017Z
Updated: 2024-11-21T16:56:13.633Z
Reserved: 2024-09-27T20:37:22.120Z
Link: CVE-2024-47609
Updated: 2024-10-02T13:14:25.218Z
Status : Awaiting Analysis
Published: 2024-10-01T21:15:08.400
Modified: 2024-11-21T17:15:17.250
Link: CVE-2024-47609