​
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-mpfj-qrf3-73fp

Published

Last updated

https://images.chainguard.dev/security/CGA-mpfj-qrf3-73fp
Package

wavefront-proxy

Latest Update
Fixed
Fixed Version

13.4-r1

Aliases
  • CVE-2023-32732
  • GHSA-9hxf-ppjv-w6rq

Severity

5.3

Medium

CVSS V3

Summary

gRPC connection termination issue

Description

gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogResearchEventsTrust CenterDocumentation