CRITICAL🇬🇧 English

CVE-2017-7861

CVSS 9.8v3.0pub. 2017-04-14upd. 2026-05-13

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Grpc

    APP
    Grpc
    ≤ 1.1.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Memory
CWE
Referencje

Powiązane podatności

CVE-2026-33186CRITICAL9.1PL ✓ten sam produkt

gRPC-Go: Authorization Bypass przez nieprawidłowy nagłówek HTTP/2 :path

CVE-2017-9431CRITICAL9.8ten sam produkt

Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to cor...

CVE-2017-8359CRITICAL9.8ten sam produkt

Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the ...

CVE-2017-7860CRITICAL9.8ten sam produkt

Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the...

CVE-2023-4785HIGH7.5ten sam produkt

Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms ...

CVE-2017-7861 — CRITICAL 9.8 | CVEbaza.pl