[grpc-io] Re: gRPC and CVE-2023-44487?

2023-11-13 Thread 'veb...@google.com' via grpc.io
We don't want to share details about how to reproduce it because it would do more harm than good. The action required here to mitigate this is to update gRPC to the version with the fix.

On Thursday, October 26, 2023 at 11:48:24 PM UTC-7 yh zhou wrote:
> Are there any POCs or steps to reproduce

[grpc-io] Re: gRPC and CVE-2023-44487?

2023-10-25 Thread 'veb...@google.com' via grpc.io
gRPC C++, Python, and Ruby will soon have a 1.59.2 patch release to address CVE-2023-44487. Thus, 1.60 or later will have this fix. gRPC ObjC and PHP are not affected by this CVE because they do not support the server feature that has the vulnerability.

On Tuesday, October 24, 2023 at 6:56:22

[grpc-io] Re: gRPC and CVE-2023-44487?

2023-10-24 Thread Hemant Jain
I see there's a PR for the same: https://github.com/grpc/grpc/pull/34763. Does this take care of the Python module too?

On Monday, October 23, 2023 at 9:25:59 AM UTC+5:30 yh zhou wrote:
> I'm also looking for the same information. It would be of great help if anything effective replied. Thanks.
>

[grpc-io] Re: gRPC and CVE-2023-44487?

2023-10-22 Thread yh zhou
I'm also looking for the same information. It would be of great help if anything effective replied. Thanks.

-zhouyh

On Wednesday, October 11, 2023 at 15:14:58 UTC+8, wrote:
> Hey!
>
> We have tried to find some sort of official clarification on whether/how gRPC is affected by CVE-2023-44487. Is there more