CVE-2023-32731 – grpc

Package

Manager: gem
Name: grpc
Vulnerable Version: >=1.53.0 <1.53.1 || >=1.54.0 <1.54.2

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.0007 pctl0.21915

Details

Connection confusion in gRPC When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration.

Metadata

Created: 2023-07-05T19:12:51Z
Modified: 2025-08-13T14:56:11Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-cfgp-2977-2fmm/GHSA-cfgp-2977-2fmm.json
CWE IDs: ["CWE-440"]
Alternative ID: GHSA-cfgp-2977-2fmm
Finding: F014
Auto approve: 1