Lucene search
K

4 matches found

OSV
OSV
added 2024/11/25 6:55 p.m.8 views

CVE-2024-52811 Acks not validated before logged to qlog leads to buffer overflow in ngtcp2

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In ngtcp2conn::connrecvpkt for an ACK, there was new logic that got added to skip connrecvack if an ack has already been...

8.2CVSS8.1AI score0.00802EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/11/25 6:55 p.m.8 views

CVE-2024-52811 Acks not validated before logged to qlog leads to buffer overflow in ngtcp2

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In ngtcp2conn::connrecvpkt for an ACK, there was new logic that got added to skip connrecvack if an ack has already been...

8.2CVSS7.3AI score0.00802EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/11/25 6:55 p.m.10 views

CVE-2024-52811

The ngtcp2 project is an effort to implement IETF QUIC protocol in C. In affected versions acks are not validated before being written to the qlog leading to a buffer overflow. In ngtcp2conn::connrecvpkt for an ACK, there was new logic that got added to skip connrecvack if an ack has already been...

8.2CVSS7AI score0.00802EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/10/25 12:0 a.m.46 views

Fedora: Security Advisory for mvfst (FEDORA-2023-17efd3f2cd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.6AI score0.99999EPSS
Exploits19References4
Rows per page
Query Builder