Uncaught Exception Affecting grcpio package, versions [1.23.0,1.53.2) [1.54.0,1.54.3) [1.55.0,1.55.3) [1.56.0,1.56.2)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-PYTHON-GRCPIO-5901865
- published 14 Sep 2023
- disclosed 13 Sep 2023
- credit Unknown
How to fix?
grcpio to version 1.53.2, 1.54.3, 1.55.3, 1.56.2 or higher.
grcpio is a remote procedure call (RPC) framework.
Affected versions of this package are vulnerable to Uncaught Exception due to the lack of error handling in the TCP server. An attacker can cause a denial of service by initiating a significant number of connections with the server.
This is only exploitable if the server is running on posix-compatible platforms such as Linux.