Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HGrpc
APPGrpc≤ 1.1.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
Related vulnerabilities
CVE-2026-33186CRITICAL9.1PL ✓ten sam produkt
gRPC-Go: Authorization Bypass przez nieprawidłowy nagłówek HTTP/2 :path
CVE-2017-9431CRITICAL9.8ten sam produkt
Google gRPC before 2017-04-05 has an out-of-bounds write caused by a heap-based buffer overflow related to cor...
CVE-2017-8359CRITICAL9.8ten sam produkt
Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the ...
CVE-2017-7861CRITICAL9.8ten sam produkt
Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/...
CVE-2023-4785HIGH7.5ten sam produkt
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms ...