Lucene search
K

11 matches found

OSV
OSV
added 2026/06/12 4:16 p.m.4 views

UBUNTU-CVE-2026-50009

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the...

4.8CVSS5.4AI score0.00204EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/12 2:47 p.m.28 views

CVE-2026-50009 Netty QUIC stateless reset token material exposed through header-visible connection IDs

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the...

4.8CVSS0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 2:6 p.m.7 views

CVE-2026-44894 Netty's Default QUIC token handler accepts any client-supplied token

Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHandler used when the application does not set one. Prior to version 4.2.15.Final, its writeToken returns false server will not send Retry — acceptable, but validateToken...

7.5CVSS5.3AI score0.00143EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/02 7:36 p.m.13 views

CVE-2025-29908

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

5.3CVSS7.2AI score0.00545EPSS
Exploits0References1
OSV
OSV
added 2025/03/31 9:47 p.m.9 views

GHSA-HQQC-JR88-P6X2 Netty QUIC hash collision DoS attack

An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. See...

5.3CVSS7.1AI score0.00545EPSS
Exploits0References5
NVD
NVD
added 2025/03/31 7:15 p.m.25 views

CVE-2025-29908

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

5.3CVSS0.00545EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/31 6:43 p.m.6 views

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

5.3CVSS7.1AI score0.00545EPSS
Exploits0References3
CVE
CVE
added 2025/03/31 6:43 p.m.70 views

CVE-2025-29908

CVE-2025-29908 affects the Netty QUIC codec (netty-incubator-codec-quic) which uses quiche. The issue is a hash collision in the hash map that manages connections, allowing a remote attacker to induce a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs), causing consi...

5.3CVSS5.2AI score0.00545EPSS
Exploits0References3
OSV
OSV
added 2025/03/31 6:43 p.m.8 views

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

5.3CVSS6.6AI score0.00545EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/03/31 6:43 p.m.35 views

CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

5.3CVSS0.00545EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.4 views

Netty QUIC codec 安全漏洞

Netty QUIC codec is a new experimental QUIC codec for Netty open source. A security vulnerability exists in versions prior to Netty QUIC codec 0.0.71.Final, which stems from a hash collision vulnerability that could lead to excessive server CPU load...

5.3CVSS6.3AI score0.00545EPSS
Exploits0References1
Rows per page
Query Builder