18 matches found
UBUNTU-CVE-2026-44894
Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHandler used when the application does not set one. Prior to version 4.2.15.Final, its writeToken returns false server will not send Retry — acceptable, but validateToken...
CVE-2026-10740
Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service degraded availability by sending crafted QUIC Initial packets. To remediate this issue, users should upgrade to v1.8.2...
CVE-2026-10740 Excessive memory allocation in s2n-quic
Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service degraded availability by sending crafted QUIC Initial packets. To remediate this issue, users should upgrade to v1.8.2...
EUVD-2026-36103
Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service degraded availability by sending crafted QUIC Initial packets. To remediate this issue, users should upgrade to v1.8.2...
CVE-2026-10740 Excessive memory allocation in s2n-quic
Unbounded memory allocation in the CRYPTO frame reassembler in s2n-quic before 1.8.2 may allow an unauthenticated remote actor to cause a denial of service degraded availability by sending crafted QUIC Initial packets. To remediate this issue, users should upgrade to v1.8.2...
s2n-quic 安全漏洞
s2n-quic is a high-performance QUIC protocol implementation library open source by Amazon Web Services. Versions of s2n-quic prior to 1.8.2 contained security vulnerabilities. These vulnerabilities stemmed from unbounded memory allocation in theCRYPTO frame reassembler, which could allow...
CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
UBUNTU-CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
Quinn 安全漏洞
Quinn is a pure Rust implementation of the IETF QUIC transport protocol, developed by quinn-rs. Versions of Quinn prior to 0.11.14 contained a security vulnerability. This vulnerability stemmed from decoding varints during the parsing of specially crafted QUIC initial packets, which could lead to...
PT-2026-24465
Name of the Vulnerable Software and Affected Versions Quinn versions prior to 0.11.14 Description A remote, unauthenticated attacker can cause a denial of service in applications using vulnerable Quinn versions by sending a specially crafted QUIC Initial packet containing malformed quic transport...
OpenSSL 3.x QUIC Initial Packet Builder / Sender
This script is a proof of concept QUIC client that constructs fully encrypted initial packets with header protection. It can be used for testing or fuzzing QUIC/TLS 1.3 implementations. The script constructs and sends a cryptographically valid QUIC Initial packet over UDP. It simulates a QUIC...
Ubuntu 25.10 : HAProxy vulnerability (USN-8036-1)
The remote Ubuntu 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8036-1 advisory. Asim Viladi Oglu Manizada discovered that HAProxy incorrectly handled certain INITIAL packets. A remote attacker could possibly use this issue to cause HAProxy to...
USN-8036-1: HAProxy vulnerability
Asim Viladi Oglu Manizada discovered that HAProxy incorrectly handled certain INITIAL packets. A remote attacker could possibly use this issue to cause HAProxy to crash, resulting in a denial of service...
USN-8036-1 haproxy vulnerability
Asim Viladi Oglu Manizada discovered that HAProxy incorrectly handled certain INITIAL packets. A remote attacker could possibly use this issue to cause HAProxy to crash, resulting in a denial of service...
SUSE CVE-2023-0809
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...
DEBIAN-CVE-2023-0809
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...
UBUNTU-CVE-2023-0809
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...