{"vulnerability": "CVE-2023-3273", "sightings": [{"uuid": "aacfa074-cd46-4c38-918e-4949e7eb9896", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32736", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470118630017027", "content": "", "creation_timestamp": "2024-11-12T13:03:25.938385Z"}, {"uuid": "52549cec-ef2f-43d4-83da-29c92718f4ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32736", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470132311309724", "content": "", "creation_timestamp": "2024-11-12T13:06:54.539875Z"}, {"uuid": "d87d492a-bbdb-4301-8e9c-6fb692a419db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32736", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-07", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "b09483ae-0f4c-40ae-a6fb-f9bd6ae458c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32731", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/65098", "content": "\u203c CVE-2023-32731 \u203c\n\nWhen gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in\u00c2\u00a0 https://github.com/grpc/grpc/pull/32309 https://github.com/grpc/grpc/pull/32309\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-09T14:21:41.000000Z"}]}