CVE-2023-32732

MEDIUM Year: 2023
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-440
View all →

Vulnerability Description

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url

Related Vulnerabilities

CVE-2025-27094

MEDIUM
CVSS:5.4(Medium)

Tuleap is an open-source suite designed to improve software development management and collaboration. A malicious user with access to a tracker could force-reset certain field configurations, leading ...

CWE-4402025

CVE-2020-10766

MEDIUM
CVSS:5.5(Medium)

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context...

CWE-4402020

CVE-2020-10767

MEDIUM
CVSS:5.5(Medium)

A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or...

CWE-4402020

CVE-2020-10768

MEDIUM
CVSS:5.5(Medium)

A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as ...

CWE-4402020

CVE-2022-3344

MEDIUM
CVSS:5.5(Medium)

A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault ...

CWE-4402022

CVE-2024-47762

MEDIUM
CVSS:5.8(Medium)

Backstage is an open framework for building developer portals. Configuration supplied through APP_CONFIG_* environment variables, for example APP_CONFIG_backend_listen_port=7007, where unexpectedly ig...

CWE-4402024