Msrc Azl3 Grpc 1.62.3-1 On Azure Linux 3.0 vulnerabilities
6 known vulnerabilities affecting msrc/azl3_grpc_1.62.3-1_on_azure_linux_3.0.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-33186HIGHCVSS 8.12026-03-10
CVE-2026-33186 [CRITICAL] CWE-285 gRPC-Go has an authorization bypass via missing leading slash in :path
gRPC-Go has an authorization bypass via missing leading slash in :path
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
msrc
CVE-2026-3338HIGHCVSS 7.52026-03-10
CVE-2026-3338 [HIGH] CWE-347 PKCS7_verify Signature Validation Bypass in AWS-LC
PKCS7_verify Signature Validation Bypass in AWS-LC
Mariner: Mariner
AMZN: AMZN
Customer Action Required: Yes
msrc
CVE-2026-3336HIGHCVSS 7.52026-03-10
CVE-2026-3336 [HIGH] CWE-295 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC
PKCS7_verify Certificate Chain Validation Bypass in AWS-LC
Mariner: Mariner
AMZN: AMZN
Customer Action Required: Yes
msrc
CVE-2025-4565MEDIUMCVSS 5.32025-06-10
CVE-2025-4565 [HIGH] CWE-674 Unbounded recursion in Python Protobuf
Unbounded recursion in Python Protobuf
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is
msrc
CVE-2024-11407HIGHCVSS 7.52024-11-12
CVE-2024-11407 [MEDIUM] CWE-682 Denial of Service through Data corruption in gRPC-C++
Denial of Service through Data corruption in gRPC-C++
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the
msrc
CVE-2024-7246MEDIUMCVSS 5.32024-08-13
CVE-2024-7246 [MEDIUM] CWE-440 HPACK table poisoning in gRPC C++, Python & Ruby
HPACK table poisoning in gRPC C++, Python & Ruby
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is
msrc