Lucene search
K

11 matches found

RedHat Linux
RedHat Linux
added 2025/11/19 3:51 p.m.8 views

github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame

A denial of service flaw has been discovered in the quic-go golang library. A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/11/18 5:47 p.m.2 views

github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame

A denial of service flaw has been discovered in the quic-go golang library. A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/11/09 12:23 a.m.5 views

SUSE CVE-2025-59530

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS7AI score0.00438EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/10/25 9:1 p.m.7 views

quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame

...

7.5CVSS7AI score0.00438EPSS
Exploits0
EUVD
EUVD
added 2025/10/10 5:3 p.m.5 views

EUVD-2025-33746

quic-go: Panic occurs when queuing undecryptable packets after handshake completion...

7.5CVSS6.4AI score0.00438EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/10/10 5:3 p.m.6 views

quic-go: Panic occurs when queuing undecryptable packets after handshake completion

Summary A misbehaving or malicious server can trigger an assertion in a quic-go client and crash the process by sending a premature HANDSHAKEDONE frame during the handshake. Impact A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an...

7.5CVSS6.8AI score0.00438EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/10/10 4:15 p.m.3 views

DEBIAN-CVE-2025-59530

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS5.2AI score0.00438EPSS
Exploits0References1
OSV
OSV
added 2025/10/10 4:15 p.m.3 views

UBUNTU-CVE-2025-59530

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS5.8AI score0.00438EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/10 4:9 p.m.12 views

CVE-2025-59530 quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS0.00438EPSS
Exploits0References3
OSV
OSV
added 2025/10/10 4:9 p.m.4 views

CVE-2025-59530 quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS7AI score0.00438EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/10/10 4:9 p.m.7 views

CVE-2025-59530

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS5.2AI score0.00438EPSS
Exploits0
Rows per page
Query Builder