CVE-2017-8359

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-8359

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-8359.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-8359

Aliases

PYSEC-2017-101

Related

UBUNTU-CVE-2017-8359

Published

2017-04-30T17:59:00Z

Modified

2025-01-08T04:48:23.001054Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpccalldestroy function in core/lib/surface/call.c.

References

Affected packages

Debian:11 / grpc

Package

Name: grpc
Purl: pkg:deb/debian/grpc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.2-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / grpc

Package

Name: grpc
Purl: pkg:deb/debian/grpc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.2-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / grpc

Package

Name: grpc
Purl: pkg:deb/debian/grpc?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.2-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/grpc/grpc

Affected ranges

Type: GIT
Repo: https://github.com/grpc/grpc
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

c25267fd7dc3d549ef8aace4909c95eac9b0cca9

Type: GIT
Repo: https://github.com/grpc/grpc-go
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

8050b9cbc271307e5a716a9d782803d09b0d6f2d

Type: GIT
Repo: https://github.com/grpc/grpc-kotlin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

5fb5efffb108d71e711ae92548c32c69b6439eff

Type: GIT
Repo: https://github.com/grpc/grpc-node
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

98376f0ac604da54957d545abe4bb01b5255b73d

Type: GIT
Repo: https://github.com/grpc/grpc-web
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3d921fffb7ce29f03329e411711d0751328c761a

Affected versions

0.*

0.2.0

0.3.0

0.4.0

1.*

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.1.0

1.1.0-rc.1

1.2.0

1.2.1

@grpc/grpc-js-xds@1.*

@grpc/grpc-js-xds@1.2.0

@grpc/grpc-js-xds@1.2.1

@grpc/grpc-js@0.*

@grpc/grpc-js@0.2.0

@grpc/grpc-js@0.3.0

@grpc/grpc-js@0.3.1

@grpc/grpc-js@0.3.2

@grpc/grpc-js@0.3.3

@grpc/grpc-js@0.3.4

@grpc/grpc-js@0.3.6

@grpc/grpc-js@0.4.0

@grpc/grpc-js@0.4.2

@grpc/grpc-js@0.4.3

@grpc/grpc-js@0.5.0

@grpc/grpc-js@0.5.1

@grpc/grpc-js@0.5.2

@grpc/grpc-js@0.5.3

@grpc/grpc-js@0.5.4

@grpc/grpc-js@0.6.0

@grpc/grpc-js@0.6.1

@grpc/grpc-js@0.6.12

@grpc/grpc-js@0.6.18

@grpc/grpc-js@0.6.2

@grpc/grpc-js@0.6.3

@grpc/grpc-js@0.6.4

@grpc/grpc-js@0.6.5

@grpc/grpc-js@0.7.0

@grpc/grpc-js@0.7.1

@grpc/grpc-js@0.7.2

@grpc/grpc-js@0.7.5

@grpc/grpc-js@0.7.6

@grpc/grpc-js@0.7.9

@grpc/grpc-js@0.8.0

@grpc/grpc-js@0.8.1

@grpc/grpc-js@1.*

@grpc/grpc-js@1.0.0

@grpc/grpc-js@1.0.1

@grpc/grpc-js@1.0.2

@grpc/grpc-js@1.0.3

@grpc/grpc-js@1.0.4

@grpc/grpc-js@1.0.5

@grpc/grpc-js@1.1.0

@grpc/grpc-js@1.1.2

@grpc/grpc-js@1.1.3

@grpc/grpc-js@1.1.4

@grpc/grpc-js@1.1.5

@grpc/grpc-js@1.1.6

@grpc/grpc-js@1.1.7

@grpc/grpc-js@1.2.0

@grpc/grpc-js@1.2.3

@grpc/grpc-js@1.2.4

@grpc/grpc-js@1.2.5

@grpc/proto-loader@0.*

@grpc/proto-loader@0.3.0

@grpc/proto-loader@0.4.0

@grpc/proto-loader@0.5.0

@grpc/proto-loader@0.5.1

@grpc/proto-loader@0.5.2

@grpc/proto-loader@0.5.4

grpc-tools@1.*

grpc-tools@1.7.0

grpc-tools@1.7.2

grpc-tools@1.8.0

grpc-tools@1.9.0

grpc-tools@1.9.1

grpc@1.*

grpc@1.13.0

grpc@1.13.1

grpc@1.14.0

grpc@1.14.1

grpc@1.15.0

grpc@1.15.1

grpc@1.16.0

grpc@1.16.1

grpc@1.17.0

grpc@1.18.0

grpc@1.19.0

grpc@1.20.0

grpc@1.20.2

grpc@1.20.3

grpc@1.23.3

grpc@1.23.4

grpc@1.24.3

objective-c-v1.*

objective-c-v1.0.0-pre1

objective-c-v1.0.2

Other

release-0_10_0

release-0_11

release-0_11_0

release-0_11_1

release-0_12

release-0_12_0

release-0_13_0

release-0_13_1

release-0_14

release-0_14_0

release-0_14_1

release-0_15_0

release-0_15_1

release-0_5_0

release-0_6

release-0_6_0

release-0_9_0

release_test

release-0_10_0-objectivec-0.*

release-0_10_0-objectivec-0.6.0

release-0_11_1-objectivec-0.*

release-0_11_1-objectivec-0.11.1

release-0_12_0-objectivec-0.*

release-0_12_0-objectivec-0.12.0

release-0_14_0-objective-c-0.*

release-0_14_0-objective-c-0.14.0

release-0_14_0-objectivec-0.*

release-0_14_0-objectivec-0.14.0

release-0_9_1-objectivec-0.*

release-0_9_1-objectivec-0.5.1

v0.*

v0.1.1

v0.1.2

v0.1.3

v0.1.4

v0.1.5

v0.15.0

v0.2.0

v0.2.1

v1.*

v1.0.0

v1.0.0-pre2

v1.0.1

v1.0.1-GA

v1.0.1-pre1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.1.0

v1.1.0-pre1

v1.1.1

v1.1.2

v1.1.3

v1.1.4

v1.10.0

v1.10.1

v1.11.0

v1.11.1

v1.11.2

v1.12.1

v1.12.2

v1.12.3

v1.2.0

v1.2.0-pre2

v1.2.1

v1.7.0

v1.7.1

v1.8.0

v1.8.4

v1.9.0

v1.9.1