[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-32731":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":26,"aliases":27,"duplicate_of":9,"upstream":29,"downstream":30,"duplicates":37,"related":38,"reserved_at":9,"published_at":48,"modified_at":49,"state":50,"summary":51,"references_raw":60,"kevs":103,"epss":104,"epss_history":107,"metrics":374,"affected":390},"CVE-2023-32731","When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained inĀ  https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005 \n",null,[11,19],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-440","Expected Behavior Violation","A feature, API, or function does not perform according to its specification.","weakness","Draft","Base",[],{"_key":20,"id":20,"name":21,"description":22,"type":23,"status":24,"abstraction":9,"likelihood_of_exploit":9,"capec":25},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],[],[28],"GHSA-cfgp-2977-2fmm",[],[31,33,35],{"_key":32},"SUSE-SU-2024:0573-1",{"_key":34},"UBUNTU-CVE-2023-32731",{"_key":36},"RHSA-2024:10761",[],[39,40,42,44,46],{"_key":32},{"_key":41},"CGA-3C2Q-4QQC-238J",{"_key":43},"CGA-8CF4-MMM4-2RR5",{"_key":45},"CGA-GGP4-VW2X-23HX",{"_key":47},"CGA-W63X-W6J8-RW9J","2023-06-09T10:54:08.472Z","2024-09-26T19:12:06.245Z","Modified",{"cisa_kev":52,"cisa_ransomware":52,"cisa_vendor":9,"epss_severity":53,"epss_score":54,"severity":55,"severity_score":56,"severity_version":57,"severity_source":58,"severity_vector":59,"severity_status":50},false,"low",0.00075,"high",7.5,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[61,70,74,79,83,87,91,95,99],{"url":62,"sources":63,"tags":67},"https://github.com/grpc/grpc/pull/32309",[64,58,65,66],"cve.org","osv_pypi","osv_maven",[68,69],"Patch","WEB",{"url":71,"sources":72,"tags":73},"https://github.com/grpc/grpc/pull/33005",[64,58,65,66],[68,69],{"url":75,"sources":76,"tags":77},"https://nvd.nist.gov/vuln/detail/CVE-2023-32731",[65,66],[78],"Advisory",{"url":80,"sources":81,"tags":82},"https://github.com/grpc/grpc/issues/33463",[65,66],[69],{"url":84,"sources":85,"tags":86},"https://github.com/grpc/grpc/commit/29d8beee0ac2555773b2a2dda5601c74a95d6c10",[65,66],[69],{"url":88,"sources":89,"tags":90},"https://github.com/grpc/grpc/commit/65a2a895afaf1d2072447b9baf246374b182a946",[65,66],[69],{"url":92,"sources":93,"tags":94},"https://github.com/grpc/grpc/releases/tag/v1.53.1",[65,66],[69],{"url":96,"sources":97,"tags":98},"https://github.com/grpc/grpc/releases/tag/v1.54.2",[65,66],[69],{"url":100,"sources":101,"tags":102},"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/grpc/CVE-2023-32731.yml",[65,66],[69],[],{"date":105,"score":54,"percentile":106},"2026-06-04",0.22614,[108,112,115,118,121,124,127,130,133,136,139,141,144,147,150,154,157,160,163,166,169,172,175,178,181,184,187,190,193,196,199,202,205,208,211,214,217,220,223,226,229,232,235,238,241,244,247,250,253,256,259,262,265,268,271,274,277,279,281,284,287,289,292,295,298,301,304,307,310,313,316,319,322,325,328,331,334,337,340,342,345,348,351,354,357,360,363,366,369,371],{"date":109,"score":110,"percentile":111},"2025-11-04",0.0007,0.21683,{"date":113,"score":110,"percentile":114},"2025-11-05",0.21684,{"date":116,"score":110,"percentile":117},"2025-11-06",0.21691,{"date":119,"score":110,"percentile":120},"2025-11-07",0.21706,{"date":122,"score":110,"percentile":123},"2025-11-08",0.21714,{"date":125,"score":110,"percentile":126},"2025-11-09",0.21668,{"date":128,"score":110,"percentile":129},"2025-11-10",0.21606,{"date":131,"score":110,"percentile":132},"2025-11-11",0.21631,{"date":134,"score":110,"percentile":135},"2025-11-12",0.21689,{"date":137,"score":110,"percentile":138},"2025-11-13",0.21701,{"date":140,"score":110,"percentile":117},"2025-11-14",{"date":142,"score":110,"percentile":143},"2025-11-15",0.21675,{"date":145,"score":110,"percentile":146},"2025-11-16",0.21625,{"date":148,"score":110,"percentile":149},"2025-11-17",0.21585,{"date":151,"score":152,"percentile":153},"2025-11-18",0.00113,0.25394,{"date":155,"score":152,"percentile":156},"2025-11-19",0.25417,{"date":158,"score":152,"percentile":159},"2025-11-20",0.25426,{"date":161,"score":110,"percentile":162},"2025-11-21",0.21555,{"date":164,"score":110,"percentile":165},"2025-11-22",0.21549,{"date":167,"score":110,"percentile":168},"2025-11-23",0.21513,{"date":170,"score":110,"percentile":171},"2025-11-24",0.21485,{"date":173,"score":110,"percentile":174},"2025-11-25",0.21469,{"date":176,"score":110,"percentile":177},"2025-11-26",0.21458,{"date":179,"score":110,"percentile":180},"2025-11-27",0.2142,{"date":182,"score":110,"percentile":183},"2025-11-28",0.21396,{"date":185,"score":110,"percentile":186},"2025-11-29",0.21383,{"date":188,"score":110,"percentile":189},"2025-11-30",0.21373,{"date":191,"score":110,"percentile":192},"2025-12-01",0.21421,{"date":194,"score":110,"percentile":195},"2025-12-02",0.21438,{"date":197,"score":110,"percentile":198},"2025-12-03",0.21448,{"date":200,"score":110,"percentile":201},"2025-12-04",0.21389,{"date":203,"score":110,"percentile":204},"2025-12-05",0.21432,{"date":206,"score":110,"percentile":207},"2025-12-06",0.21428,{"date":209,"score":110,"percentile":210},"2025-12-07",0.21401,{"date":212,"score":110,"percentile":213},"2025-12-08",0.21414,{"date":215,"score":110,"percentile":216},"2025-12-09",0.21465,{"date":218,"score":110,"percentile":219},"2025-12-10",0.2154,{"date":221,"score":110,"percentile":222},"2025-12-11",0.21582,{"date":224,"score":110,"percentile":225},"2025-12-12",0.21596,{"date":227,"score":110,"percentile":228},"2025-12-13",0.21601,{"date":230,"score":110,"percentile":231},"2025-12-14",0.2157,{"date":233,"score":110,"percentile":234},"2025-12-15",0.21548,{"date":236,"score":110,"percentile":237},"2025-12-16",0.2158,{"date":239,"score":110,"percentile":240},"2025-12-17",0.21655,{"date":242,"score":110,"percentile":243},"2025-12-18",0.21738,{"date":245,"score":110,"percentile":246},"2025-12-19",0.21762,{"date":248,"score":110,"percentile":249},"2025-12-20",0.21739,{"date":251,"score":110,"percentile":252},"2025-12-21",0.21685,{"date":254,"score":110,"percentile":255},"2025-12-22",0.21652,{"date":257,"score":110,"percentile":258},"2025-12-23",0.21648,{"date":260,"score":110,"percentile":261},"2025-12-24",0.21666,{"date":263,"score":110,"percentile":264},"2025-12-25",0.21746,{"date":266,"score":110,"percentile":267},"2025-12-26",0.21727,{"date":269,"score":110,"percentile":270},"2025-12-27",0.21735,{"date":272,"score":110,"percentile":273},"2025-12-28",0.21688,{"date":275,"score":110,"percentile":276},"2025-12-29",0.2165,{"date":278,"score":110,"percentile":132},"2025-12-30",{"date":280,"score":110,"percentile":117},"2025-12-31",{"date":282,"score":110,"percentile":283},"2026-01-01",0.21782,{"date":285,"score":110,"percentile":286},"2026-01-02",0.21778,{"date":288,"score":110,"percentile":246},"2026-01-03",{"date":290,"score":110,"percentile":291},"2026-01-04",0.21661,{"date":293,"score":110,"percentile":294},"2026-01-05",0.21654,{"date":296,"score":110,"percentile":297},"2026-01-06",0.21669,{"date":299,"score":110,"percentile":300},"2026-01-07",0.21704,{"date":302,"score":110,"percentile":303},"2026-01-08",0.2176,{"date":305,"score":110,"percentile":306},"2026-01-09",0.21753,{"date":308,"score":110,"percentile":309},"2026-01-10",0.21731,{"date":311,"score":110,"percentile":312},"2026-01-11",0.217,{"date":314,"score":110,"percentile":315},"2026-01-12",0.21667,{"date":317,"score":110,"percentile":318},"2026-01-13",0.21643,{"date":320,"score":110,"percentile":321},"2026-01-14",0.21705,{"date":323,"score":110,"percentile":324},"2026-01-15",0.2171,{"date":326,"score":110,"percentile":327},"2026-01-16",0.21741,{"date":329,"score":110,"percentile":330},"2026-01-17",0.21747,{"date":332,"score":110,"percentile":333},"2026-01-18",0.21692,{"date":335,"score":110,"percentile":336},"2026-01-19",0.21641,{"date":338,"score":110,"percentile":339},"2026-01-20",0.21622,{"date":341,"score":110,"percentile":222},"2026-01-21",{"date":343,"score":110,"percentile":344},"2026-01-22",0.21562,{"date":346,"score":110,"percentile":347},"2026-01-23",0.21651,{"date":349,"score":110,"percentile":350},"2026-01-24",0.21673,{"date":352,"score":110,"percentile":353},"2026-01-25",0.21593,{"date":355,"score":110,"percentile":356},"2026-01-26",0.21482,{"date":358,"score":110,"percentile":359},"2026-01-27",0.21471,{"date":361,"score":110,"percentile":362},"2026-01-28",0.21472,{"date":364,"score":110,"percentile":365},"2026-01-29",0.21433,{"date":367,"score":110,"percentile":368},"2026-01-30",0.21435,{"date":370,"score":110,"percentile":195},"2026-01-31",{"date":372,"score":110,"percentile":373},"2026-02-01",0.21478,[375,382,386,388],{"source":64,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":376,"cvss_v4_0":9},{"baseScore":377,"baseSeverity":378,"vectorString":379,"impactScore":380,"exploitabilityScore":381},7.4,"HIGH","CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",8.7,5.6,{"source":58,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":383,"cvss_v4_0":9},{"baseScore":56,"baseSeverity":378,"vectorString":59,"impactScore":384,"exploitabilityScore":385},6,10,{"source":65,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":387,"cvss_v4_0":9},{"baseScore":377,"baseSeverity":9,"vectorString":379,"impactScore":380,"exploitabilityScore":381},{"source":66,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":389,"cvss_v4_0":9},{"baseScore":377,"baseSeverity":9,"vectorString":379,"impactScore":380,"exploitabilityScore":381},[391,408,417,423,432],{"ecosystem":392,"name":393,"vendor":392,"product":393,"cpe_part":9,"purl_type":394,"purl_namespace":9,"purl_name":393,"source":9,"versions":395},"RubyGems","grpc","gem",[396,404],{"version":397,"is_range":398,"range_type":399,"version_start":400,"version_start_type":401,"version_end":402,"version_end_type":403,"fixed_in":9},"gte1_53_0_lt1_53_1",true,"ecosystem","1.53.0","including","1.53.1","excluding",{"version":405,"is_range":398,"range_type":399,"version_start":406,"version_start_type":401,"version_end":407,"version_end_type":403,"fixed_in":9},"gte1_54_0_lt1_54_2","1.54.0","1.54.2",{"ecosystem":9,"name":409,"vendor":410,"product":393,"cpe_part":411,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":412},"gRPC","google","a",[413],{"version":414,"is_range":398,"range_type":64,"version_start":415,"version_start_type":401,"version_end":416,"version_end_type":401,"fixed_in":9},">= 1.53, \u003C= 1.54","1.53","1.54",{"ecosystem":9,"name":393,"vendor":393,"product":393,"cpe_part":411,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":418},[419],{"version":420,"is_range":398,"range_type":421,"version_start":400,"version_start_type":401,"version_end":422,"version_end_type":403,"fixed_in":9},"gte1.53.0_lt1.55.0","cpe","1.55.0",{"ecosystem":424,"name":425,"vendor":426,"product":427,"cpe_part":9,"purl_type":428,"purl_namespace":426,"purl_name":427,"source":9,"versions":429},"Maven","io.grpc:grpc-protobuf","io.grpc","grpc-protobuf","maven",[430,431],{"version":397,"is_range":398,"range_type":399,"version_start":400,"version_start_type":401,"version_end":402,"version_end_type":403,"fixed_in":9},{"version":405,"is_range":398,"range_type":399,"version_start":406,"version_start_type":401,"version_end":407,"version_end_type":403,"fixed_in":9},{"ecosystem":433,"name":434,"vendor":433,"product":434,"cpe_part":9,"purl_type":435,"purl_namespace":9,"purl_name":434,"source":9,"versions":436},"PyPI","grpcio","pypi",[437,438],{"version":397,"is_range":398,"range_type":399,"version_start":400,"version_start_type":401,"version_end":402,"version_end_type":403,"fixed_in":9},{"version":405,"is_range":398,"range_type":399,"version_start":406,"version_start_type":401,"version_end":407,"version_end_type":403,"fixed_in":9}]