Unknown · Grpc Swift · CVE-2021-36153
Name of the Vulnerable Software and Affected Versions:
gRPC Swift versions 1.1.0 through 1.1.1
Description:
The issue is related to mismanaged state in the GRPCWebToHTTP2ServerCodec.swift file, allowing remote attackers to cause a denial of service by sending malformed requests. Affected gRPC Swift servers are vulnerable to precondition failures when parsing certain gRPC Web requests.
Recommendations:
For gRPC Swift versions 1.1.0 through 1.1.1, upgrade to version 1.2.0 to resolve the issue.