Hey! We have tried to find some sort of official clarification on whether/how gRPC is affected by CVE-2023-44487. Is there more information on this somewhere?
The closest related thing we could find were recent changes to concurrent streams and RST_STREAM: https://github.com/grpc/grpc/commit/6a49e953a4df6ea8aa4378de575b0a7a59421f30, but even that doesn't reference CVE-2023-44487 in any way, so not sure if that is relevant here. - Mikko -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/d6a606a4-8d2e-4c15-9a6d-d49a3cf35de4n%40googlegroups.com.