CVE-2023-4785: Uncovering a Denial of Service Vulnerability in Google's gRPC TCP Server
CVE-2023-4785 is a recently discovered vulnerability that affects Google's gRPC framework. In particular, the vulnerability arises due to a lack of error handling
CVE-2023-33953: gRPC Vulnerability in HPACK Table Accounting Leads to Potential DOS Attacks
A recent vulnerability has been identified in gRPC (CVE-2023-33953), which affects the HPACK table accounting system. This vulnerability could lead to unwanted disconnects between clients
CVE-2023-35942 - Critical Vulnerability in Envoy Proxy: gRPC Access Loggers Use-After-Free Crash
Envoy is a popular open source edge and service proxy specifically designed for cloud-native applications. It helps enable secure and reliable communication across multiple microservices.
CVE-2018-17453: Uncovering the GitLab Vulnerability and Understanding its Exploit
CVE-2018-17453 is a security vulnerability that affected GitLab Community and Enterprise Editions in versions prior to 11.1.7, 11.2.x before 11.2.
CVE-2023-29193: SpiceDB's gRPC API Pre-shared Key Exposure via Metrics Service Endpoint
SpiceDB is an open-source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. It is widely used and has recently come under scrutiny
Episode
00:00:00
00:00:00