grpcio@1.46.0rc1 vulnerabilities

HTTP/2-based RPC framework

  • latest version

    1.71.0

  • latest non vulnerable version

  • first published

    10 years ago

  • latest version published

    1 month ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the grpcio package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability | Vulnerable versions

    • Severity: H
    Uncaught Exception

    grpcio is an HTTP/2-based RPC framework.

    Affected versions of this package are vulnerable to Uncaught Exception due to the lack of error handling in the TCP server. An attacker can cause a denial of service by initiating a significant number of connections with the server.

    Note: this is only exploitable if the server is running on POSIX-compatible platforms such as Linux.

    How to fix Uncaught Exception?

    Upgrade grpcio to version 1.53.2, 1.54.3, 1.55.3, 1.56.2 or higher.

    Vulnerable versions: [1.23.0,1.53.2), [1.54.0,1.54.3), [1.55.0,1.55.3), [1.56.0,1.56.2)

    • Severity: M
    Expected Behavior Violation

    Affected versions of this package are vulnerable to Expected Behavior Violation via the HPackParser function when the gRPC client is communicating with an HTTP/2 proxy, allowing the attacker to poison the HPACK table. By manipulating the header encoding and poisoning the HPACK table between the proxy and the backend, an attacker can cause other gRPC clients to see failed requests or potentially leak HTTP header keys but not their values.

    This vulnerability exists because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table.

    How to fix Expected Behavior Violation?

    Upgrade grpcio to version 1.58.3, 1.59.5, 1.60.2, 1.62.3, 1.63.2, 1.64.3, 1.65.4 or higher.

    Vulnerable versions: [,1.58.3), [1.59.0,1.59.5), [1.60.0,1.60.2), [1.62.0,1.62.3), [1.63.0,1.63.2), [1.64.0,1.64.3), [1.65.0,1.65.4)

    • Severity: H
    Excessive Iteration

    Affected versions of this package are vulnerable to Excessive Iteration. Specially crafted requests can cause a termination of connection between a proxy and a backend.

    How to fix Excessive Iteration?

    Upgrade grpcio to version 1.53.2, 1.54.3, 1.55.3, 1.56.2 or higher.

    Vulnerable versions: [,1.53.2), [1.54.0,1.54.3), [1.55.0,1.55.3), [1.56.0,1.56.2)
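The practical question a reader of this page has is whether a pinned grpcio version falls inside any of the three interval lists above. The following checker is an added example, not Snyk's or the grpc project's code: it parses the page's interval notation ("[" inclusive lower bound, ")" exclusive upper bound, empty lower bound meaning every earlier version) and reports which of the three entries cover a given version string. The ranges are copied verbatim from this page; the pre-release handling (treating "1.53.2rc1" as older than the fixed 1.53.2, and therefore still affected) is this example's own conservative choice, not something the page states.

```python
import re
from typing import List, Optional, Tuple

# Vulnerable version ranges copied from the three entries on this page.
# Snyk's interval notation: "[" inclusive lower bound, ")" exclusive upper
# bound, and an empty lower bound means "every earlier version".
VULNERABLE_RANGES = {
    "Uncaught Exception":
        "[1.23.0,1.53.2)[1.54.0,1.54.3)[1.55.0,1.55.3)[1.56.0,1.56.2)",
    "Expected Behavior Violation":
        "[,1.58.3)[1.59.0,1.59.5)[1.60.0,1.60.2)[1.62.0,1.62.3)"
        "[1.63.0,1.63.2)[1.64.0,1.64.3)[1.65.0,1.65.4)",
    "Excessive Iteration":
        "[,1.53.2)[1.54.0,1.54.3)[1.55.0,1.55.3)[1.56.0,1.56.2)",
}

_RANGE_RE = re.compile(r"([\[(])([^,\]\)]*),([^,\]\)]*)([\])])")
_VERSION_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?(.*)$")

Version = Tuple[int, int, int, int]


def parse_version(text: str) -> Version:
    """Turn '1.46.0rc1' into a comparable tuple (major, minor, patch, flag).

    The flag is -1 for any pre-release suffix (rc, a, b, dev, ...) and 0 for a
    final release, so 1.53.2rc1 sorts below 1.53.2 and is still counted as
    vulnerable when the fixed version is 1.53.2 (a deliberately conservative
    choice made by this example).
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    major, minor, patch, suffix = m.groups()
    flag = -1 if suffix else 0
    return (int(major), int(minor or 0), int(patch or 0), flag)


def parse_ranges(spec: str) -> List[Tuple[Optional[Version], bool, Optional[Version], bool]]:
    """Split '[1.23.0,1.53.2)[1.54.0,1.54.3)' into (lo, lo_incl, hi, hi_incl) tuples."""
    out = []
    for lo_br, lo, hi, hi_br in _RANGE_RE.findall(spec):
        out.append((
            parse_version(lo) if lo else None, lo_br == "[",
            parse_version(hi) if hi else None, hi_br == "]",
        ))
    return out


def in_range(v: Version, lo, lo_incl, hi, hi_incl) -> bool:
    """True when v lies inside one parsed interval (None bound = unbounded)."""
    if lo is not None and (v < lo or (v == lo and not lo_incl)):
        return False
    if hi is not None and (v > hi or (v == hi and not hi_incl)):
        return False
    return True


def is_vulnerable(version: str, spec: str) -> bool:
    v = parse_version(version)
    return any(in_range(v, *r) for r in parse_ranges(spec))


def affected_vulnerabilities(version: str) -> List[str]:
    """Names of the page's entries whose ranges contain `version`."""
    return [name for name, spec in VULNERABLE_RANGES.items()
            if is_vulnerable(version, spec)]


if __name__ == "__main__":
    # Sample versions chosen for this example, including the page's own 1.46.0rc1.
    for v in ("1.46.0rc1", "1.53.2", "1.53.2rc1", "1.61.0", "1.71.0"):
        print(v, "->", affected_vulnerabilities(v) or "not affected by the listed entries")
```

Note that 1.61.0 is not covered by any interval in the second entry even though 1.60.x and 1.62.x are; the checker reports exactly what the page lists rather than interpolating, so a gap like that should be read against the advisory source before being treated as "not affected".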