HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption.
{
"source": "CPE_STRING",
"cpe": [
"cpe:2.3:a:linuxfoundation:grpc_swift:1.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:linuxfoundation:grpc_swift:1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:a:linuxfoundation:grpc_swift:1.1.1:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "1.0.0"
},
{
"last_affected": "1.0.0"
},
{
"introduced": "1.1.0"
},
{
"last_affected": "1.1.0"
},
{
"introduced": "1.1.1"
},
{
"last_affected": "1.1.1"
}
]
}