rules_proto_grpc icon indicating copy to clipboard operation
rules_proto_grpc copied to clipboard

Published 20 hours ago verified publisher icon rules-proto-grpc

Vulnerabilities in grpc

Open dannielle-bourne-privitar opened this issue 1 year ago • 0 comments

Description

The version of grpc currently used (1.54.1) has a number of critical and high CVEs. Are there plans to upgrade this?

CVE-2023-32732 Link: https://nvd.nist.gov/vuln/detail/CVE-2023-32732 CVSS: 5.3 Severity: MEDIUM CVE-2023-33953 Link: https://nvd.nist.gov/vuln/detail/CVE-2023-33953 CVSS: 7.5 Severity: HIGH CVE-2023-44487 Link: https://nvd.nist.gov/vuln/detail/CVE-2023-44487 CVSS: 7.5 Severity: HIGH CVE-2023-4785 Link: https://nvd.nist.gov/vuln/detail/CVE-2023-4785 CVSS: 7.5 Severity: HIGH

dannielle-bourne-privitar avatar Jun 24 '24 15:06 dannielle-bourne-privitar