CVE-2021-36155

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: gRPC Swift versions 1.1.0 and earlier

Description: The issue allows remote attackers to cause uncontrolled resource consumption and deny service due to the allocation of buffers of arbitrary length when parsing messages. This can lead to excessive memory allocation, resulting in a denial of service.

Recommendations: For gRPC Swift versions 1.1.0 and earlier, upgrade to version 1.2.0 to resolve the issue.

Fix

Buffer Overflow

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120CWE-770

Related Identifiers

CVE-2021-36155

GHSA-RXMJ-HG9V-VP3P

Affected Products

Grpc Swift

CVE-2021-36155

Weakness Enumeration

Related Identifiers

Affected Products

References · 8