io.grpc:grpc-protobuf (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package io.grpc:grpc-protobuf, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2023-1428 — CVSS 7.5 (high): There exists an vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort()…
CVE-2023-32731 — CVSS 7.4 (high): When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table…
CVE-2023-32732 — CVSS 5.3 (medium): gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64…