Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-94652

Upgrade gRPC to 1.59.5

XMLWordPrintableJSON

    • Type: Icon: Task Task
    • Resolution: Unresolved
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: None
    • None
    • Networking & Observability

      There is a new vulnerability in gRPC v1.59.2, CVE-2024-7246 , which is fixed in v1.59.5. We will want to upgrade gRPC before releasing it into production binaries to mitigate this CVE.

      It was not reported through a VULN ticket due to an ongoing bug in Silk, but I was notified of this on DEVPROD-9869.

            Assignee:
            Unassigned Unassigned
            Reporter:
            erin.mcnulty@mongodb.com Erin McNulty
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: