Hi all, The record for CVE-2024-11407 <https://www.cve.org/CVERecord?id=CVE-2024-11407> states that gRPC versions 1.60.0 through 1.66.1 are affected by this vulnerability, but it appears that the affected code appears on v1.59.x as well (link <https://github.com/grpc/grpc/blob/b22b8e6c8855f958afda436d9f1def216085d505/src/core/lib/event_engine/posix_engine/posix_endpoint.cc#L242> ).
Is the record for the CVE incomplete? Or is there another factor that makes v1.59.x safe from this CVE? Thanks, - Erin McNulty -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/grpc-io/ab7ee579-64e0-4f46-9445-eb6495826e73n%40googlegroups.com.
