Hello, gRPC is currently using a vulnerable version of c-ares (1.19.1), as noted in CVE-2024-25629 <https://nvd.nist.gov/vuln/detail/cve-2024-25629>.
1. Is gRPC affected by CVE-2024-25629? 2. Is there a plan to upgrade c-ares? Regards, Aleksander Sajber -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/grpc-io/ca150166-e553-4d52-9a07-8155aa4575a8n%40googlegroups.com.
