CVE-2021-36154
N/A
N/A
Summary
HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/grpc/grpc-swift/releases
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35274
- https://github.com/grpc/grpc-swift/security/advisories/GHSA-4rhq-vq24-88gw
References
- https://github.com/grpc/grpc-swift/releases
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35274
- https://github.com/grpc/grpc-swift/security/advisories/GHSA-4rhq-vq24-88gw
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.