1 results (0.003 seconds)
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8391 – Eclipse Vert.x gRPC server does not limit the maximum message size
https://notcve.org/view.php?id=CVE-2024-8391
In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload (Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client). This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty libraries (Maven GAV: io.vertx:vertx-grpc) • https://github.com/eclipse-vertx/vertx-grpc/issues/113 https://gitlab.eclipse.org/security/cve-assignement/-/issues/31 • CWE-770: Allocation of Resources Without Limits or Throttling •