Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:grpc:grpc:*
  • Search Type: Search All
There are 5 matching records.
Displaying matches 1 through 5.
Vuln ID Summary CVSS Severity
CVE-2020-7768

The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition.

Published: November 11, 2020; 6:15:10 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2017-9431

Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to core/lib/iomgr/error.c.

Published: June 04, 2017; 11:29:00 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-8359

Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c.

Published: April 30, 2017; 1:59:00 PM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-7861

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.

Published: April 14, 2017; 12:59:00 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2017-7860

Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.

Published: April 14, 2017; 12:59:00 AM -0400
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH