CVE-2017-8359
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-8359
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8359.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-8359
- Aliases
- Downstream
- Published
- 2017-04-30T17:59:00.997Z
- Modified
- 2025-12-07T03:56:59.709186Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpccalldestroy function in core/lib/surface/call.c.
- References
Affected packages
Git
github.com/grpc/grpc
Affected ranges
- Type
- GIT
- Repo
- https://github.com/grpc/grpc
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
objective-c-v1.*
objective-c-v1.0.0-pre1
objective-c-v1.0.2
Other
release-0_10_0
release-0_11
release-0_11_0
release-0_11_1
release-0_12
release-0_12_0
release-0_13_0
release-0_13_1
release-0_14
release-0_14_0
release-0_14_1
release-0_15_0
release-0_15_1
release-0_5_0
release-0_6
release-0_6_0
release-0_9_0
release_test
release-0_10_0-objectivec-0.*
release-0_10_0-objectivec-0.6.0
release-0_11_1-objectivec-0.*
release-0_11_1-objectivec-0.11.1
release-0_12_0-objectivec-0.*
release-0_12_0-objectivec-0.12.0
release-0_14_0-objective-c-0.*
release-0_14_0-objective-c-0.14.0
release-0_14_0-objectivec-0.*
release-0_14_0-objectivec-0.14.0
release-0_9_1-objectivec-0.*
release-0_9_1-objectivec-0.5.1
v0.*
v0.15.0
v1.*
v1.0.0
v1.0.0-pre2
v1.0.1
v1.0.1-pre1
v1.1.0
v1.1.0-pre1
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.2.0
v1.2.0-pre2
v1.2.1
github.com/grpc/grpc-go
github.com/grpc/grpc-kotlin
github.com/grpc/grpc-node
Affected ranges
- Type
- GIT
- Repo
- https://github.com/grpc/grpc-node
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
@grpc/grpc-js-xds@1.*
@grpc/grpc-js-xds@1.2.0
@grpc/grpc-js-xds@1.2.1
@grpc/grpc-js@0.*
@grpc/grpc-js@0.2.0
@grpc/grpc-js@0.3.0
@grpc/grpc-js@0.3.1
@grpc/grpc-js@0.3.2
@grpc/grpc-js@0.3.3
@grpc/grpc-js@0.3.4
@grpc/grpc-js@0.3.6
@grpc/grpc-js@0.4.0
@grpc/grpc-js@0.4.2
@grpc/grpc-js@0.4.3
@grpc/grpc-js@0.5.0
@grpc/grpc-js@0.5.1
@grpc/grpc-js@0.5.2
@grpc/grpc-js@0.5.3
@grpc/grpc-js@0.5.4
@grpc/grpc-js@0.6.0
@grpc/grpc-js@0.6.1
@grpc/grpc-js@0.6.12
@grpc/grpc-js@0.6.18
@grpc/grpc-js@0.6.2
@grpc/grpc-js@0.6.3
@grpc/grpc-js@0.6.4
@grpc/grpc-js@0.6.5
@grpc/grpc-js@0.7.0
@grpc/grpc-js@0.7.1
@grpc/grpc-js@0.7.2
@grpc/grpc-js@0.7.5
@grpc/grpc-js@0.7.6
@grpc/grpc-js@0.7.9
@grpc/grpc-js@0.8.0
@grpc/grpc-js@0.8.1
@grpc/grpc-js@1.*
@grpc/grpc-js@1.0.0
@grpc/grpc-js@1.0.1
@grpc/grpc-js@1.0.2
@grpc/grpc-js@1.0.3
@grpc/grpc-js@1.0.4
@grpc/grpc-js@1.0.5
@grpc/grpc-js@1.1.0
@grpc/grpc-js@1.1.2
@grpc/grpc-js@1.1.3
@grpc/grpc-js@1.1.4
@grpc/grpc-js@1.1.5
@grpc/grpc-js@1.1.6
@grpc/grpc-js@1.1.7
@grpc/grpc-js@1.2.0
@grpc/grpc-js@1.2.3
@grpc/grpc-js@1.2.4
@grpc/grpc-js@1.2.5
@grpc/proto-loader@0.*
@grpc/proto-loader@0.3.0
@grpc/proto-loader@0.4.0
@grpc/proto-loader@0.5.0
@grpc/proto-loader@0.5.1
@grpc/proto-loader@0.5.2
@grpc/proto-loader@0.5.4
grpc-tools@1.*
grpc-tools@1.7.0
grpc-tools@1.7.2
grpc-tools@1.8.0
grpc-tools@1.9.0
grpc-tools@1.9.1
grpc@1.*
grpc@1.13.0
grpc@1.13.1
grpc@1.14.0
grpc@1.14.1
grpc@1.15.0
grpc@1.15.1
grpc@1.16.0
grpc@1.16.1
grpc@1.17.0
grpc@1.18.0
grpc@1.19.0
grpc@1.20.0
grpc@1.20.2
grpc@1.20.3
grpc@1.23.3
grpc@1.23.4
grpc@1.24.3
v1.*
v1.10.0
v1.10.1
v1.11.0
v1.11.1
v1.11.2
v1.12.1
v1.12.2
v1.12.3
v1.7.0
v1.7.1
v1.8.0
v1.8.4
v1.9.0
v1.9.1