CVE-2022-24777
- EPSS 0.33%
- Veröffentlicht 25.03.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:51:04
grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This is due to incorrect logic when h...
CVE-2021-36153
- EPSS 1.36%
- Veröffentlicht 09.07.2021 12:15:08
- Zuletzt bearbeitet 21.11.2024 06:13:12
Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests.
CVE-2021-36154
- EPSS 0.85%
- Veröffentlicht 09.07.2021 12:15:08
- Zuletzt bearbeitet 21.11.2024 06:13:12
HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption.
CVE-2021-36155
- EPSS 0.85%
- Veröffentlicht 09.07.2021 12:15:08
- Zuletzt bearbeitet 21.11.2024 06:13:12
LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier allocates buffers of arbitrary length, which allows remote attackers to cause uncontrolled resource consumption and deny service.