23 matches found
CVE-2026-44436
Quicly (QUIC implementation used with H2O) is vulnerable to a Denial of Service due to connection state corruption caused by a 255-byte Connection ID handling in the decoder, while QUIC version 1 requires a 20-byte CID buffer. The library lacked enforcement for 20-byte CIDs, allowing mismatched I...
CVE-2026-44435
CVE-2026-44435 : Quicly (QUIC protocol implementation used with H2O) contains an assertion failure that triggers a Denial of Service when the total number of valid handshake messages over a CRYPTO stream within a single packet number space exceeds 32KB. The issue is fixed by commit 937d0e9. Affec...
CVE-2026-44434
Quicly (QUIC protocol implementation used with H2O HTTP server) was vulnerable to stateless reset injection before commit dccf5d4 due to lack of packet entry validation, allowing an on-path attacker to reset QUIC connections by exploiting zero-initialized secret-pattern slots. The issue has been ...
CVE-2026-44433
CVE-2026-44433 affects the Quicly QUIC protocol implementation used with the H2O HTTP server. Prior to commit 8b178e6, an adversarial peer could send a STREAM frame carrying only a single byte at the largest permitted offset to obtain additional flow control credit, potentially causing memory exh...
CVE-2025-61684
Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using Quicly. Commit...
CVE-2025-61684
Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using Quicly. Commit...
CVE-2025-61684 Quicly has assertion failures
Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using Quicly. Commit...
CVE-2025-61684 Quicly has assertion failures
Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using Quicly. Commit...
EUVD-2025-206302
Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using Quicly. Commit...
CVE-2025-61684
CVE-2025-61684 affects Quicly, an IETF QUIC protocol implementation. The vulnerability is a denial-of-service caused by an assertion failure that crashes the process, exploitable before commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. The issue is mitigated by the mentioned commit which fixes the...
CVE-2025-61684
Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using Quicly. Commit...
CVE-2025-61684 Quicly has assertion failures
Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using Quicly. Commit...
Quicly input validation error vulnerability
Quicly is an implementation of the IETF QUIC protocol developed by H2O OpenSource. Previous versions of Quicly had a vulnerability related to input validation errors. This vulnerability allowed remote attackers to exploit these errors to trigger assertion failures, potentially causing processes...
PT-2026-3445
Quicly, an IETF QUIC protocol implementation, is susceptible to a denial-of-service attack prior to commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using Quicly. Commit...
EUVD-2024-41457
Malicious code in bioql PyPI...
CVE-2024-45396
Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit...
CVE-2024-45396
Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit...
CVE-2024-45396 Quicly assertion failures
Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit...
CVE-2024-45396 Quicly assertion failures
Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit...
CVE-2024-45396 Quicly assertion failures
Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit...