Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c.
oryginał ENCVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HGrpc
APPGrpc≤ 1.2.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Memory
CWE
Powiązane podatności
CVE-2026-33186CRITICAL9.1PL ✓ten sam produkt
gRPC-Go: Authorization Bypass przez nieprawidłowy nagłówek HTTP/2 :path
CVE-2017-9431CRITICAL9.8ten sam produkt
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to cor...
CVE-2017-7861CRITICAL9.8ten sam produkt
Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/...
CVE-2017-7860CRITICAL9.8ten sam produkt
Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the...
CVE-2023-4785HIGH7.5ten sam produkt
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms ...