CRITICAL🇬🇧 English

CVE-2017-8359

CVSS 9.8v3.0pub. 2017-04-30upd. 2026-05-13

Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Grpc

    APP
    Grpc
    ≤ 1.2.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Memory
CWE
Referencje

Powiązane podatności

CVE-2026-33186CRITICAL9.1PL ✓ten sam produkt

gRPC-Go: Authorization Bypass przez nieprawidłowy nagłówek HTTP/2 :path

CVE-2017-9431CRITICAL9.8ten sam produkt

Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to cor...

CVE-2017-7861CRITICAL9.8ten sam produkt

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/...

CVE-2017-7860CRITICAL9.8ten sam produkt

Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the...

CVE-2023-4785HIGH7.5ten sam produkt

Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms ...