GHSA-rxmj-hg9v-vp3p

Source
https://github.com/advisories/GHSA-rxmj-hg9v-vp3p
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/06/GHSA-rxmj-hg9v-vp3p/GHSA-rxmj-hg9v-vp3p.json
Aliases
Published
2023-06-09T19:32:11Z
Modified
2023-11-08T04:06:12.352759Z
Details

Impact

Affected gRPC Swift clients and servers are vulnerable to uncontrolled resource consumption attacks. Excessive memory may be allocated when parsing messages. This can lead to a denial of service.

Patches

The problem has been fixed in 1.2.0.

Workarounds

No workaround is available. Users must upgrade.

References

Affected packages

SwiftURL / github.com/grpc/grpc-swift

Package

Name
github.com/grpc/grpc-swift

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
1.2.0