Home > Vulnerability Database > CVE-2023-32732

Mend.io Vulnerability Database

CVE-2023-32732

Good to know:

Date: June 9, 2023

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url

Language: Go

Severity Score

8.8

Related Resources (5)

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/37IDNVY5AWVH7JDMM2SDTL24ZPPZJNSY/

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-32732

Url: https://github.com/grpc/grpc/pull/32309

Url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VWE44J5FG7THHL7XVEVTNIGEYBNKJBLL/

Url: https://www.mend.io/vulnerability-database/CVE-2023-32732

Severity Score

8.8

Top Fix

Upgrade Version

Upgrade to version v1.53.0

Learn More

CVSS v3.1

Base Score:	8.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-32732

Good to know:

Date: June 9, 2023

Language: Go

Severity Score

Related Resources (5)

Severity Score

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?