hpack

gRPC’s HPACK parser contains a set of parsing/accounting flaws that allow a remote, unauthenticated attacker to force excessive memory allocation, trigger pathological CPU use, and in practice cause connection termination or full denial-of-service of gRPC endpoints unless libraries and products...