VYPR

rpm package

suse/python-grpcio&distro=SUSE Linux Enterprise Module for Public Cloud 15 SP4

pkg:rpm/suse/python-grpcio&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4

Vulnerabilities (3)

  • CVE-2024-11407Nov 26, 2024
    affected < 1.60.1-150400.9.10.1fixed 1.60.1-150400.9.10.1

    There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPC_ARG_TCP_TX_ZEROCOPY_ENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmi

  • CVE-2024-7246Aug 6, 2024
    affected < 1.60.1-150400.9.10.1fixed 1.60.1-150400.9.10.1

    It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This oc

  • CVE-2023-30608Apr 18, 2023
    affected < 1.60.1-150400.9.7.2fixed 1.60.1-150400.9.7.2

    sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). This issue was introduced by commit `e75e358`. The vulnerability may lead to Denial of