Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service in gRPC Core
Vulnerability Description
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未捕获的异常
Vulnerability Title
gRPC 安全漏洞
Vulnerability Description
gRPC是gRPC开源的一种现代、开源、高性能的远程过程调用 (RPC) 框架。 gRPC 1.23版本存在安全漏洞,该漏洞源于TCP服务器中缺乏错误处理,允许攻击者通过启动与服务器的大量连接来导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A