There is a new vulnerability in gRPC v1.59.2, CVE-2024-7246 , which is fixed in v1.59.5. We will want to upgrade gRPC before releasing it into production binaries to mitigate this CVE.
It was not reported through a VULN ticket due to an ongoing bug in Silk, but I was notified of this on DEVPROD-9869.
- is depended on by
-
SERVER-80343 Enable building gRPC on all SSL Linux variants
-
- Closed
-
- is related to
-
-
- Closed
-