For information on gRPC Security Policy and reporting potential security issues, please see gRPC CVE Process.
Security: grpc/grpc-go
Security
SECURITY.md
-
Authorization bypass via missing leading slash in :pathGHSA-p77j-4mvh-x3m3 published
Mar 17, 2026 by easwarsCritical -
Private tokens could appear in logs if context containing gRPC metadata is loggedGHSA-xr7q-jx4m-x55m published
Jul 3, 2024 by dfawleyLow -
gRPC-Go HTTP/2 Rapid Reset vulnerabilityGHSA-m425-mq94-257g published
Oct 25, 2023 by dfawleyHigh
Learn more about advisories related to grpc/grpc-go in the GitHub Advisory Database