-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump grpc version #5124
Comments
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bump gRPC version in go.mod based on https://security.snyk.io/vuln/SNYK-GOLANG-GOOGLEGOLANGORGGRPC-5953328
Affecting google.golang.org/grpc package, versions <1.56.3 >=1.57.0 <1.57.1 >=1.58.0 <1.58.3
Affected versions of this package are vulnerable to Denial of Service (DoS) in the implementation of the HTTP/2 protocol. An attacker can cause a denial of service (including via DDoS) by rapidly resetting many streams through request cancellation.
The text was updated successfully, but these errors were encountered: