Denial-of-Service in gRPC
CVE-2023-1428
7.5HIGH
Summary
A vulnerability exists in the gRPC C++ implementation that can cause the application to terminate unexpectedly when certain malformed HTTP/2 headers are sent. Specifically, using headers such as 'te: x' (where x is not 'trailers'), ':scheme: x' (when x is not 'http' or 'https'), or 'grpclb_client_stats: x' (when x can be any value), can lead to an abort() function being called. This occurs when such headers are accompanied by a total header size exceeding 8KB. To mitigate this issue, it is strongly advised to upgrade to versions after v1.53 or the specific git commit mentioned.
Affected Version(s)
gRPC 1.51 < 1.53
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved