gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit inĀ https://github.com/grpc/grpc/pull/32309 https://www.google.com/url
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/32xxx/CVE-2023-32732.json",
"cna_assigner": "Google",
"cwe_ids": [
"CWE-440"
]
}{
"source": [
"AFFECTED_FIELD",
"CPE_RANGE"
],
"cpe": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "1.53"
},
{
"fixed": "1.54"
},
{
"introduced": "0"
},
{
"fixed": "1.53.0"
}
]
}"2026-07-09T11:24:11Z"
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32732.json"
[
{
"id": "CVE-2023-32732-c5f45506",
"digest": {
"line_hashes": [
"153505462668301892070772696189317306250",
"40520222390141456988000868829229775555",
"78570411478650308013931737040086710778",
"60539704661294299732272537641085493035"
],
"threshold": 0.9
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/grpc/grpc-java/commit/4ca6de0e8e52386301890b2860fb7a9a7c2c9b7c",
"deprecated": false,
"target": {
"file": "core/src/main/java/io/grpc/internal/GrpcUtil.java"
}
}
]