Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/io.grpc/grpc-protobuf@1.54.1
purl pkg:maven/io.grpc/grpc-protobuf@1.54.1
Next non-vulnerable version 1.54.2
Latest non-vulnerable version 1.54.2
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-61xa-2pun-n3c9
Aliases:
CVE-2023-32731
GHSA-cfgp-2977-2fmm
Connection confusion in gRPC When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration.
1.54.2
Affected by 0 other vulnerabilities.
VCID-v4qr-8be5-bbej
Aliases:
CVE-2023-32732
GHSA-9hxf-ppjv-w6rq
gRPC connection termination issue gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309.
1.54.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-05-06T14:16:22.733238+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.6.0
2026-05-06T14:16:10.724230+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.6.0
2026-04-29T21:14:09.330420+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.5.0
2026-04-29T21:13:56.582354+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.5.0
2026-04-16T22:33:14.787291+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.4.0
2026-04-16T22:33:01.581217+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.4.0
2026-04-11T23:52:10.016164+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.3.0
2026-04-11T23:51:56.219533+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.3.0
2026-04-02T23:55:23.640185+00:00 GitLab Importer Affected by VCID-v4qr-8be5-bbej https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32732.yml 38.1.0
2026-04-02T23:55:10.473245+00:00 GitLab Importer Affected by VCID-61xa-2pun-n3c9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.grpc/grpc-protobuf/CVE-2023-32731.yml 38.1.0