1. Home
  2. Vulnerabilities
  3. CVE-2023-32732

CVE-2023-32732

CVSS v3.1 5.3 (Medium)
53% Progress
EPSS 0.09 % (40th)
0.09% Progress
Affected Products 2
Advisories 5
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in  https://github.com/grpc/grpc/pull/32309 https://www.google.com/url

Weaknesses
CWE-440
Expected Behavior Violation
CWE-NVD-Other
CVE Status
PUBLISHED
CNA
Google Inc.
Published Date
2023-06-09 11:15:09
(15 months ago)
Updated Date
2023-08-02 16:43:16
(13 months ago)

Affected Products

Fedoraproject

Grpc

Configuration #1

    CPE23 From Up To
  Grpc prior 1.53.0 version cpe:2.3:a:grpc:grpc < 1.53.0

Configuration #2

    CPE23 From Up To
  Fedoraproject Fedora 37 cpe:2.3:o:fedoraproject:fedora:37
  Fedoraproject Fedora 38 cpe:2.3:o:fedoraproject:fedora:38