Lucene search
PRIOn knowledge basePRION:CVE-2023-1428HistoryJun 09, 2023 - 11:15 a.m.
Code injection
2023-06-0911:15:00
PRIOn knowledge base
www.prio-n.com
11
code injection
grpc
vulnerability
There exists an vulnerability causing an abort() to be called in gRPC.Β
The following headers cause gRPCβs C++ implementation to abort() when called via http2:
te: x (x != trailers)
:scheme: x (x != http, https)
grpclb_client_stats: x (x == anything)
On top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commitΒ 2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.
Related
veracode
veracode
Denial Of Service (DoS)
2023-07-13 07:39:05
redhatcve
redhatcve
CVE-2023-1428
2023-06-13 06:35:32
nvd
nvd
CVE-2023-1428
2023-06-09 11:15:09
osv
osv
CVE-2023-1428
2023-06-09 11:15:09
gRPC Reachable Assertion issue
2023-07-06 21:15:08
cgr
cgr
CVE-2023-1428 vulnerabilities
2024-05-19 03:07:16
github
github
gRPC Reachable Assertion issue
2023-07-06 21:15:08
debiancve
debiancve
CVE-2023-1428
2023-06-09 11:15:09
cve
cve
CVE-2023-1428
2023-06-09 11:15:09
cvelist
cvelist
CVE-2023-1428 Denial-of-Service in gRPC
2023-06-09 10:46:54
ubuntucve
ubuntucve
CVE-2023-1428
2023-06-09 00:00:00
wolfi
wolfi
CVE-2023-1428 vulnerabilities
2024-07-03 16:16:08
