Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

NVD
NVDadded 2024/04/04 3:15 p.m.14 views

CVE-2024-22189

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer to run out of memory sending a large number of NEWCONNECTIONID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a...

7.5CVSS7.5AI score0.00089EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2024/04/04 3:15 p.m.21 views

CVE-2024-22189

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer to run out of memory sending a large number of NEWCONNECTIONID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a...

7.5CVSS7.1AI score0.00089EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2024/04/04 2:25 p.m.13 views

CVE-2024-22189 QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer to run out of memory sending a large number of NEWCONNECTIONID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a...

7.5CVSS7.5AI score0.00089EPSS
Exploits0References4
OSV
OSVadded 2024/04/04 2:25 p.m.13 views

CVE-2024-22189 QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer to run out of memory sending a large number of NEWCONNECTIONID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a...

7.5CVSS7.6AI score0.00089EPSS
Exploits0References6
AlpineLinux
AlpineLinuxadded 2024/04/04 2:25 p.m.18 views

CVE-2024-22189

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer to run out of memory sending a large number of NEWCONNECTIONID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a...

7.5CVSS7.6AI score0.00089EPSS
Exploits0
Debian CVE
Debian CVEadded 2024/04/04 2:25 p.m.18 views

CVE-2024-22189

quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer to run out of memory sending a large number of NEWCONNECTIONID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a...

7.5CVSS7.6AI score0.00089EPSS
Exploits0
OSV
OSVadded 2024/04/02 2:16 p.m.49 views

GHSA-C33X-XQRF-C478 QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack

An attacker can cause its peer to run out of memory by sending a large number of NEWCONNECTIONID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRECONNECTIONID frame. The attacker can prevent the receiver from sending out the vast...

7.5CVSS7.4AI score0.00089EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2024/03/13 3:38 p.m.25 views

quiche vulnerable to unbounded storage of information related to connection ID retirement

Impact Cloudflare quiche was discovered to be vulnerable to unbounded storage of information related to connection ID retirement, which could lead to excessive resource consumption. Each QUIC connection possesses a set of connection Identifiers IDs; see RFC 9000 Section 5.1. Endpoints declare the...

5.3CVSS7.3AI score0.00474EPSS
Exploits0References9Affected Software1
NVD
NVDadded 2024/03/12 6:15 p.m.8 views

CVE-2024-1410

Cloudflare quiche was discovered to be vulnerable to unbounded storage of information related to connection ID retirement, which could lead to excessive resource consumption. Each QUIC connection possesses a set of connection Identifiers IDs; see RFC 9000 Section 5.1...

5.3CVSS4.4AI score0.00474EPSS
Exploits0References1
Prion
Prionadded 2024/03/12 6:15 p.m.10 views

Design/Logic Flaw

Cloudflare quiche was discovered to be vulnerable to unbounded storage of information related to connection ID retirement, which could lead to excessive resource consumption. Each QUIC connection possesses a set of connection Identifiers IDs; see RFC 9000 Section 5.1...

2.6CVSS7.3AI score0.00474EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/03/12 6:6 p.m.11 views

CVE-2024-1410 Unbounded storage of information related to connection ID retirement, in quiche

Cloudflare quiche was discovered to be vulnerable to unbounded storage of information related to connection ID retirement, which could lead to excessive resource consumption. Each QUIC connection possesses a set of connection Identifiers IDs; see RFC 9000 Section 5.1...

3.7CVSS4.8AI score0.00474EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/03/12 6:6 p.m.8 views

CVE-2024-1410 Unbounded storage of information related to connection ID retirement, in quiche

Cloudflare quiche was discovered to be vulnerable to unbounded storage of information related to connection ID retirement, which could lead to excessive resource consumption. Each QUIC connection possesses a set of connection Identifiers IDs; see RFC 9000 Section 5.1...

3.7CVSS7AI score0.00474EPSS
Exploits0References1
Rows per page
Query Builder