Lucene search
K

14 matches found

redhat
redhat
added 2025/11/19 3:51 p.m.10 views

github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame

A denial of service flaw has been discovered in the quic-go golang library. A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References7
redhat
redhat
added 2025/11/18 5:47 p.m.2 views

github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame

A denial of service flaw has been discovered in the quic-go golang library. A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during...

7.5CVSS5.9AI score0.00438EPSS
Exploits0References7
mscve
mscve
added 2025/10/25 9:1 p.m.7 views

quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame

...

7.5CVSS7AI score0.00438EPSS
Exploits0
redhatcve
redhatcve
added 2025/10/15 5:58 p.m.4 views

CVE-2025-59530

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS6.5AI score0.00438EPSS
Exploits0References6
osv
osv
added 2025/10/10 5:3 p.m.3 views

GHSA-47M2-4CR7-MHCW quic-go: Panic occurs when queuing undecryptable packets after handshake completion

Summary A misbehaving or malicious server can trigger an assertion in a quic-go client and crash the process by sending a premature HANDSHAKEDONE frame during the handshake. Impact A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an...

7.5CVSS6.8AI score0.00438EPSS
Exploits0References8
github
github
added 2025/10/10 5:3 p.m.6 views

quic-go: Panic occurs when queuing undecryptable packets after handshake completion

Summary A misbehaving or malicious server can trigger an assertion in a quic-go client and crash the process by sending a premature HANDSHAKEDONE frame during the handshake. Impact A misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an...

7.5CVSS6.8AI score0.00438EPSS
Exploits0References8Affected Software1
snyk
snyk
added 2025/10/10 4:42 p.m.2 views

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion in the handshake phase. An attacker can cause the client to crash by sending a premature HANDSHAKEDONE frame. Remediation Upgrade github.com/quic-go/quic-go to version 0.49.1, 0.54.1 or higher. References - GitHub PR...

8.7CVSS6.5AI score0.00438EPSS
Exploits0References2
nvd
nvd
added 2025/10/10 4:15 p.m.8 views

CVE-2025-59530

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS0.00438EPSS
Exploits0References3
osv
osv
added 2025/10/10 4:15 p.m.5 views

AZL-68781 CVE-2025-59530 affecting package coredns for versions less than 1.11.1-24

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS6AI score0.00438EPSS
Exploits0References1
osv
osv
added 2025/10/10 4:15 p.m.4 views

UBUNTU-CVE-2025-59530

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS5.8AI score0.00438EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2025/10/10 4:9 p.m.3 views

CVE-2025-59530 quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS6.5AI score0.00438EPSS
Exploits0References3
cvelist
cvelist
added 2025/10/10 4:9 p.m.13 views

CVE-2025-59530 quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS0.00438EPSS
Exploits0References3
osv
osv
added 2025/10/10 4:9 p.m.4 views

CVE-2025-59530 quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame

quic-go is an implementation of the QUIC protocol in Go. In versions prior to 0.49.0, 0.54.1, and 0.55.0, a misbehaving or malicious server can cause a denial-of-service DoS attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authenticatio...

7.5CVSS7AI score0.00438EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2025/10/10 12:0 a.m.7 views

PT-2025-41573

Name of the Vulnerable Software and Affected Versions quic-go versions prior to 0.49.0 quic-go versions prior to 0.54.1 quic-go versions prior to 0.55.0 Description quic-go is an implementation of the QUIC protocol in Go. In affected versions, a malicious or misbehaving server can cause a...

7.5CVSS6.5AI score0.00438EPSS
Exploits0References13
Rows per page
Query Builder