VulnerableCode Package Details - pkg:maven/io.grpc/grpc-protobuf@1.52.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/io.grpc/grpc-protobuf@1.52.0

Essentials
History (3)

purl	pkg:maven/io.grpc/grpc-protobuf@1.52.0

Next non-vulnerable version	1.54.2
Latest non-vulnerable version	1.54.2
Risk	4.0

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-qatb-my8j-b3hr Aliases: CVE-2023-1428 GHSA-6628-q6j9-w8vg	gRPC Reachable Assertion issue There exists an vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2: te: x (x != trailers) :scheme: x (x != http, https) grpclb_client_stats: x (x == anything) On top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commit 2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.	1.53.0 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T22:33:14.159801+00:00	GitLab Importer	Affected by	VCID-qatb-my8j-b3hr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-1428.yml	38.4.0
2026-04-11T23:52:09.350327+00:00	GitLab Importer	Affected by	VCID-qatb-my8j-b3hr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-1428.yml	38.3.0
2026-04-02T23:55:23.036912+00:00	GitLab Importer	Affected by	VCID-qatb-my8j-b3hr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-1428.yml	38.1.0