{"id":"CVE-2017-8359","details":"Google gRPC before 2017-03-29 has an out-of-bounds write caused by a heap-based use-after-free related to the grpc_call_destroy function in core/lib/surface/call.c.","aliases":["PYSEC-2017-101"],"modified":"2026-04-10T04:02:13.492259Z","published":"2017-04-30T17:59:00.997Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98280"},{"type":"FIX","url":"https://github.com/grpc/grpc/pull/10353"},{"type":"EVIDENCE","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=726"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/grpc/grpc","events":[{"introduced":"0"},{"last_affected":"c25267fd7dc3d549ef8aace4909c95eac9b0cca9"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.2.1"}]}}],"versions":["release-0_6","release-0_6_0","release-0_9_0","release-0_9_1-objectivec-0.5.1","release_test","v1.2.0","v1.2.0-pre2","v1.2.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8359.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}