grpc (SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS package grpc, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2023-33953 — CVSS 7.5 (high): gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in…
CVE-2023-4785 — CVSS 7.5 (high): Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an…
CVE-2023-32731 — CVSS 7.4 (high): When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table…
CVE-2023-32732 — CVSS 5.3 (medium): gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64…