csaf_redhat - rhsa-2024

rhsa-2024_10761

Vulnerability from csaf_redhat

Published

2024-12-03 16:21

Modified

2024-12-17 19:34

Summary

Red Hat Security Advisory: rhc-worker-playbook security update

Notes

Topic

An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Python-based worker for Red Hat connect, used to launch Ansible playbooks via Ansible Runner. Security Fix(es): * python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898) * gRPC: sensitive information disclosure (CVE-2023-32731) * gRPC: Reachable Assertion (CVE-2023-1428) * gRPC: hpack table accounting errors can lead to denial of service (CVE-2023-33953) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Python-based worker for Red Hat connect, used to launch Ansible playbooks via Ansible Runner.\n\nSecurity Fix(es):\n\n* python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898)\n\n* gRPC: sensitive information disclosure (CVE-2023-32731)\n\n* gRPC: Reachable Assertion (CVE-2023-1428)\n\n* gRPC: hpack table accounting errors can lead to denial of service (CVE-2023-33953)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:10761",
        "url": "https://access.redhat.com/errata/RHSA-2024:10761"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2165864",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165864"
      },
      {
        "category": "external",
        "summary": "2214463",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214463"
      },
      {
        "category": "external",
        "summary": "2214473",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214473"
      },
      {
        "category": "external",
        "summary": "2230890",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230890"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10761.json"
      }
    ],
    "title": "Red Hat Security Advisory: rhc-worker-playbook security update",
    "tracking": {
      "current_release_date": "2024-12-17T19:34:04+00:00",
      "generator": {
        "date": "2024-12-17T19:34:04+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.3"
        }
      },
      "id": "RHSA-2024:10761",
      "initial_release_date": "2024-12-03T16:21:41+00:00",
      "revision_history": [
        {
          "date": "2024-12-03T16:21:41+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-12-03T16:21:41+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-17T19:34:04+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.5.0.Z.MAIN",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.src",
                "product": {
                  "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.src",
                  "product_id": "rhc-worker-playbook-0:0.1.10-1.el9_5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
                "product": {
                  "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
                  "product_id": "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
                "product": {
                  "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
                  "product_id": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
                "product": {
                  "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
                  "product_id": "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
                "product": {
                  "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
                  "product_id": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
                "product": {
                  "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
                  "product_id": "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64",
                "product": {
                  "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64",
                  "product_id": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
                "product": {
                  "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
                  "product_id": "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
                "product": {
                  "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
                  "product_id": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64"
        },
        "product_reference": "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le"
        },
        "product_reference": "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x"
        },
        "product_reference": "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src"
        },
        "product_reference": "rhc-worker-playbook-0:0.1.10-1.el9_5.src",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64"
        },
        "product_reference": "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64"
        },
        "product_reference": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le"
        },
        "product_reference": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x"
        },
        "product_reference": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
        },
        "product_reference": "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64",
        "relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-40898",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2022-12-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2165864"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-40898"
        },
        {
          "category": "external",
          "summary": "RHBZ#2165864",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165864"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-40898",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-40898"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40898",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40898"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-qwmp-2cf2-g9g6",
          "url": "https://github.com/advisories/GHSA-qwmp-2cf2-g9g6"
        }
      ],
      "release_date": "2022-12-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-03T16:21:41+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli"
    },
    {
      "cve": "CVE-2023-1428",
      "cwe": {
        "id": "CWE-617",
        "name": "Reachable Assertion"
      },
      "discovery_date": "2023-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2214473"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the gRPC library. Affected versions of this package are vulnerable to a reachable assertion, causing the abort function to be called and resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gRPC: Reachable Assertion",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is specific to the C++, Python and Ruby implementations of gRPC prior to the 1.53 release.\nThe gRPC library was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library and has since been removed.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-1428"
        },
        {
          "category": "external",
          "summary": "RHBZ#2214473",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214473"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-1428",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-1428"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1428",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1428"
        }
      ],
      "release_date": "2023-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-03T16:21:41+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10761"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gRPC: Reachable Assertion"
    },
    {
      "cve": "CVE-2023-32731",
      "cwe": {
        "id": "CWE-440",
        "name": "Expected Behavior Violation"
      },
      "discovery_date": "2023-06-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2214463"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in gRPC. This flaw allows a remote attacker to obtain sensitive information, caused by a flaw when the gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker can obtain sensitive information, and use this information to launch further attacks against the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gRPC: sensitive information disclosure",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-32731"
        },
        {
          "category": "external",
          "summary": "RHBZ#2214463",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2214463"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-32731",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-32731"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-32731",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32731"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-cfgp-2977-2fmm",
          "url": "https://github.com/advisories/GHSA-cfgp-2977-2fmm"
        }
      ],
      "release_date": "2023-06-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-03T16:21:41+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10761"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "gRPC: sensitive information disclosure"
    },
    {
      "cve": "CVE-2023-33953",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "discovery_date": "2023-08-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2230890"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the gRPC lib. This vulnerability allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. This issue leads to Unbounded memory buffering in the HPACK parser and Unbounded CPU consumption in the HPACK parser.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gRPC: hpack table accounting errors can lead to denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is specific to C++ implementations of gRPC prior to the 1.57 release. The gRPC library was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library and has since been removed.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
          "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-33953"
        },
        {
          "category": "external",
          "summary": "RHBZ#2230890",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230890"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-33953",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-33953"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-33953",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33953"
        },
        {
          "category": "external",
          "summary": "https://cloud.google.com/support/bulletins#gcp-2023-022",
          "url": "https://cloud.google.com/support/bulletins#gcp-2023-022"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-496j-2rq6-j6cc",
          "url": "https://github.com/advisories/GHSA-496j-2rq6-j6cc"
        }
      ],
      "release_date": "2023-08-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-12-03T16:21:41+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:10761"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x",
            "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "gRPC: hpack table accounting errors can lead to denial of service"
    }
  ]
}

cve-2023-1428

Vulnerability from cvelistv5

Published

2023-06-09 10:46

Modified

2024-09-26 18:58

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

There exists an vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2: te: x (x != trailers) :scheme: x (x != http, https) grpclb_client_stats: x (x == anything) On top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commit 2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.

References

▼	URL	Tags
	https://github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8

Impacted products

Vendor

Product

Version

▼

Google

gRPC

Version: 1.51 < 1.53

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:49:11.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "grpc",
            "vendor": "grpc",
            "versions": [
              {
                "lessThan": "1.53.0",
                "status": "affected",
                "version": "1.51.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-1428",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T18:57:29.444880Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T18:58:56.654Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "gRPC",
          "repo": "https://github.com/grpc/grpc",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "1.53",
              "status": "affected",
              "version": "1.51",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-02-28T23:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "There exists an vulnerability causing an abort() to be called in gRPC.\u0026nbsp;\u003cbr\u003e\u003cp\u003eThe following headers cause gRPC\u0027s C++ implementation to abort() when called via http2:\u003c/p\u003e\u003cp\u003e\u003ccode\u003ete: x (x != trailers)\u003c/code\u003e\u003c/p\u003e\u003cp\u003e\u003ccode\u003e:scheme: x (x != http, https)\u003c/code\u003e\u003c/p\u003e\u003cp\u003e\u003ccode\u003egrpclb_client_stats: x (x == anything)\u003c/code\u003e\u003c/p\u003eOn top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commit\u0026nbsp;2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "There exists an vulnerability causing an abort() to be called in gRPC.\u00a0\nThe following headers cause gRPC\u0027s C++ implementation to abort() when called via http2:\n\nte: x (x != trailers)\n\n:scheme: x (x != http, https)\n\ngrpclb_client_stats: x (x == anything)\n\nOn top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commit\u00a02485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-153",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-153 Input Data Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "CWE-617 Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-09T10:46:54.244Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "url": "https://github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Fixes available in these releases:\u003cbr\u003e- 1.52.2: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/releases/tag/v1.52.2\"\u003ehttps://github.com/grpc/grpc/releases/tag/v1.52.2\u003c/a\u003e\u003cbr\u003e- 1.53.1: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/releases/tag/v1.53.1\"\u003ehttps://github.com/grpc/grpc/releases/tag/v1.53.1\u003c/a\u003e\u003cbr\u003e- 1.54.2: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/releases/tag/v1.54.2\"\u003ehttps://github.com/grpc/grpc/releases/tag/v1.54.2\u003c/a\u003e\u003cbr\u003e- 1.55.0: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/releases/tag/v1.55.0\"\u003ehttps://github.com/grpc/grpc/releases/tag/v1.55.0\u003c/a\u003e\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Fixes available in these releases:\n- 1.52.2:  https://github.com/grpc/grpc/releases/tag/v1.52.2 https://github.com/grpc/grpc/releases/tag/v1.52.2 \n- 1.53.1:  https://github.com/grpc/grpc/releases/tag/v1.53.1 https://github.com/grpc/grpc/releases/tag/v1.53.1 \n- 1.54.2:  https://github.com/grpc/grpc/releases/tag/v1.54.2 https://github.com/grpc/grpc/releases/tag/v1.54.2 \n- 1.55.0:  https://github.com/grpc/grpc/releases/tag/v1.55.0 https://github.com/grpc/grpc/releases/tag/v1.55.0 \n\n"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Denial-of-Service in gRPC",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2023-1428",
    "datePublished": "2023-06-09T10:46:54.244Z",
    "dateReserved": "2023-03-16T10:47:22.037Z",
    "dateUpdated": "2024-09-26T18:58:56.654Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-40898

Vulnerability from cvelistv5

Published

2022-12-22 00:00

Modified

2024-08-03 12:28

Severity ?

Summary

An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.

References

▼	URL	Tags
	https://pypi.org/project/wheel/
	https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18
	https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:28:42.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pypi.org/project/wheel/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-22T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://pypi.org/project/wheel/"
        },
        {
          "url": "https://github.com/pypa/wheel/blob/main/src/wheel/wheelfile.py#L18"
        },
        {
          "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-40898",
    "datePublished": "2022-12-22T00:00:00",
    "dateReserved": "2022-09-19T00:00:00",
    "dateUpdated": "2024-08-03T12:28:42.936Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-32731

Vulnerability from cvelistv5

Published

2023-06-09 10:54

Modified

2024-09-26 19:12

Severity ?

7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Summary

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005

References

▼	URL	Tags
	https://github.com/grpc/grpc/pull/32309
	https://github.com/grpc/grpc/pull/33005

Impacted products

Vendor

Product

Version

▼

Google

gRPC

Version: 1.53 <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:25:37.017Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/grpc/grpc/pull/32309"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/grpc/grpc/pull/33005"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "grpc",
            "vendor": "grpc",
            "versions": [
              {
                "lessThanOrEqual": "1.54",
                "status": "affected",
                "version": "1.53",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32731",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T19:07:16.164767Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T19:12:06.245Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "gRPC",
          "repo": "https://github.com/grpc",
          "vendor": "Google",
          "versions": [
            {
              "lessThanOrEqual": "1.54",
              "status": "affected",
              "version": "1.53",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/pull/33005\"\u003ehttps://github.com/grpc/grpc/pull/33005\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": "When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in\u00a0 https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005 \n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-220",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-220 Client-Server Protocol Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-440",
              "description": "CWE-440: Expected Behavior Violation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-13T15:26:24.636Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "url": "https://github.com/grpc/grpc/pull/32309"
        },
        {
          "url": "https://github.com/grpc/grpc/pull/33005"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Fixes available in these releases:\u003cbr\u003e- 1.52.2: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/releases/tag/v1.52.2\"\u003ehttps://github.com/grpc/grpc/releases/tag/v1.52.2\u003c/a\u003e\u003cbr\u003e- 1.53.1: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/releases/tag/v1.53.1\"\u003ehttps://github.com/grpc/grpc/releases/tag/v1.53.1\u003c/a\u003e\u003cbr\u003e- 1.54.2: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/releases/tag/v1.54.2\"\u003ehttps://github.com/grpc/grpc/releases/tag/v1.54.2\u003c/a\u003e\u003cbr\u003e- 1.55.0: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/grpc/grpc/releases/tag/v1.55.0\"\u003ehttps://github.com/grpc/grpc/releases/tag/v1.55.0\u003c/a\u003e\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Fixes available in these releases:\n- 1.52.2:  https://github.com/grpc/grpc/releases/tag/v1.52.2 https://github.com/grpc/grpc/releases/tag/v1.52.2 \n- 1.53.1:  https://github.com/grpc/grpc/releases/tag/v1.53.1 https://github.com/grpc/grpc/releases/tag/v1.53.1 \n- 1.54.2:  https://github.com/grpc/grpc/releases/tag/v1.54.2 https://github.com/grpc/grpc/releases/tag/v1.54.2 \n- 1.55.0:  https://github.com/grpc/grpc/releases/tag/v1.55.0 https://github.com/grpc/grpc/releases/tag/v1.55.0 \n\n"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Information leak in gRPC",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2023-32731",
    "datePublished": "2023-06-09T10:54:08.472Z",
    "dateReserved": "2023-05-12T08:58:54.033Z",
    "dateUpdated": "2024-09-26T19:12:06.245Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-33953

Vulnerability from cvelistv5

Published

2023-08-09 12:54

Modified

2024-09-27 18:40

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…

References

▼	URL	Tags
	https://cloud.google.com/support/bulletins#gcp-2023-022

Impacted products

Vendor

Product

Version

▼

Google

gRPC

Version: 0 < 1.56.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:54:14.192Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cloud.google.com/support/bulletins#gcp-2023-022"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "grpc",
            "vendor": "grpc",
            "versions": [
              {
                "lessThan": "1.53.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "154.3",
                "status": "affected",
                "version": "1.54",
                "versionType": "custom"
              },
              {
                "lessThan": "1.55.2",
                "status": "affected",
                "version": "1.55",
                "versionType": "custom"
              },
              {
                "lessThan": "1.56.2",
                "status": "affected",
                "version": "1.56",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-33953",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-27T17:54:21.539206Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-27T18:40:52.297Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "gRPC",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "1.56.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/\u0026nbsp;Three vectors were found that allow the following DOS attacks:\u003cbr\u003e\u003cbr\u003e- Unbounded memory buffering in the HPACK parser\u003cbr\u003e- Unbounded CPU consumption in the HPACK parser\u003cbr\u003e\u003cbr\u003eThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\u003cbr\u003e\u003cbr\u003eThe unbounded memory buffering bugs:\u003cbr\u003e\u003cbr\u003e- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\u003cbr\u003e- HPACK varints have an encoding quirk whereby an infinite number of 0\u2019s can be added at the start of an integer. gRPC\u2019s hpack parser needed to read all of them before concluding a parse.\u003cbr\u003e- gRPC\u2019s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc\u2026"
            }
          ],
          "value": "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/\u00a0Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0\u2019s can be added at the start of an integer. gRPC\u2019s hpack parser needed to read all of them before concluding a parse.\n- gRPC\u2019s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc\u2026"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-220",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-220 Client-Server Protocol Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-834",
              "description": "CWE-834 Excessive Iteration",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-789",
              "description": "CWE-789 Memory Allocation with Excessive Size Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-09T12:54:47.415Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "url": "https://cloud.google.com/support/bulletins#gcp-2023-022"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Denial-of-Service in gRPC",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2023-33953",
    "datePublished": "2023-08-09T12:54:47.415Z",
    "dateReserved": "2023-05-24T12:08:31.409Z",
    "dateUpdated": "2024-09-27T18:40:52.297Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2024_10761

Vulnerability from csaf_redhat

cve-2023-1428

Vulnerability from cvelistv5

cve-2022-40898

Vulnerability from cvelistv5

cve-2023-32731

Vulnerability from cvelistv5

cve-2023-33953

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature