LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2017-7860
CVE STATUS: Patched
CVE SUMMARY: Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-7860

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2017-7861
CVE STATUS: Patched
CVE SUMMARY: Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-7861

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2017-8359
CVE STATUS: Patched
CVE SUMMARY: Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-8359

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2017-9431
CVE STATUS: Patched
CVE SUMMARY: Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c.
CVSS v2 BASE SCORE: 7.5
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:P/I:P/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2017-9431

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2020-7768
CVE STATUS: Patched
CVE SUMMARY: The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition.
CVSS v2 BASE SCORE: 5.0
CVSS v3 BASE SCORE: 9.8
VECTOR: NETWORK
VECTORSTRING: AV:N/AC:L/Au:N/C:N/I:N/A:P
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2020-7768

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2023-1428
CVE STATUS: Patched
CVE SUMMARY: There exists an vulnerability causing an abort() to be called in gRPC.Â 
The following headers cause gRPC's C++ implementation to abort() when called via http2:

te: x (x != trailers)

:scheme: x (x != http, https)

grpclb_client_stats: x (x == anything)

On top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commitÂ 2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.


CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.5
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-1428

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2023-32731
CVE STATUS: Patched
CVE SUMMARY: When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained inÂ  https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005 

CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.5
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-32731

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2023-32732
CVE STATUS: Patched
CVE SUMMARY: gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit inÂ  https://github.com/grpc/grpc/pull/32309 https://www.google.com/url 

CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 5.3
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-32732

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2023-33953
CVE STATUS: Patched
CVE SUMMARY: gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/Â Three vectors were found that allow the following DOS attacks:

- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser

The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.

The unbounded memory buffering bugs:

- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0â€™s can be added at the start of an integer. gRPCâ€™s hpack parser needed to read all of them before concluding a parse.
- gRPCâ€™s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etcâ€¦
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.5
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-33953

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2023-44487
CVE STATUS: Patched
CVE SUMMARY: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.5
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-44487

LAYER: meta-oe
PACKAGE NAME: grpc
PACKAGE VERSION: 1.60.1
CVE: CVE-2023-4785
CVE STATUS: Patched
CVE SUMMARY: Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected.Â 
CVSS v2 BASE SCORE: 0.0
CVSS v3 BASE SCORE: 7.5
VECTOR: NETWORK
VECTORSTRING: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
MORE INFORMATION: https://nvd.nist.gov/vuln/detail/CVE-2023-4785