Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/io.grpc/grpc-protobuf@1.54.0
purl pkg:maven/io.grpc/grpc-protobuf@1.54.0
Next non-vulnerable version 1.54.2
Latest non-vulnerable version 1.54.2
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-61xa-2pun-n3c9
Aliases:
CVE-2023-32731
GHSA-cfgp-2977-2fmm
Connection confusion in gRPC When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration.
1.54.2
Affected by 0 other vulnerabilities.
VCID-v4qr-8be5-bbej
Aliases:
CVE-2023-32732
GHSA-9hxf-ppjv-w6rq
gRPC connection termination issue gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309.
1.54.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:33:14.783780+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.4.0
2026-04-16T22:33:01.577829+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.4.0
2026-04-11T23:52:10.012447+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.3.0
2026-04-11T23:51:56.215615+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.3.0
2026-04-02T23:55:23.636415+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.1.0
2026-04-02T23:55:10.468528+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.1.0
2026-04-02T16:59:52.053427+00:00 GHSA Importer Affected by VCID-v4qr-8be5-bbej https://github.com/advisories/GHSA-9hxf-ppjv-w6rq 38.1.0
2026-04-02T16:59:49.462720+00:00 GHSA Importer Affected by VCID-61xa-2pun-n3c9 https://github.com/advisories/GHSA-cfgp-2977-2fmm 38.1.0
2026-04-01T12:51:31.821215+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.0.0
2026-04-01T12:51:30.380668+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.0.0