65 matches found
Fedora 43 : bpfman (2026-2fef29d32a)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2fef29d32a advisory. Fix CVE-2026-31812: Bump quinn-proto to 0.11.14 - Closes rhbz2446359 Tenable has extracted the preceding description block directly from the Fedora security...
SUSE CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
agnostic (>=0.2.5 <=0.2.6), async-streamdata (>=0.5.0 <=0.5.1) +62 more potentially affected by CVE-2026-31812 via quinn-proto (=0.10.6)
quinn-proto CARGO version =0.10.6 is affected by a known vulnerability. The following packages have a transitive dependency on quinn-proto and may be impacted: - agnostic =0.2.5, =0.5.0, =0.11.20, =0.10.6, =0.1.0, =0.2.7, =0.6.0, =0.4.0, =0.1.0, =0.3.0 and more Source cves: CVE-2026-31812 Source...
EUVD-2026-10908
Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing...
GHSA-6XVM-J4WR-6V98 Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
Summary A remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quictransportparameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap, so...
Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
Summary A remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quictransportparameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap, so...
Linux Distros Unpatched Vulnerability : CVE-2026-31812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a...
Fedora 45 : bpfman (2026-0523662d59)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0523662d59 advisory. Automatic update for bpfman-0.5.4-6.fc45. Changelog Wed Mar 11 2026 Daniel Mellado - 0.5.4-6 - Fix CVE-2026-31812: Bump quinn-proto to 0.11.14 - Closes...
DEBIAN-CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
UBUNTU-CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812
In Quinn (Rust, QUIC), the quinn-proto parsing path decodes attacker-controlled varints with unwrap(), so a crafted QUIC Initial packet containing malformed quic_transport_parameters can trigger an unexpected end and panic. This remote, unauthenticated DoS is reachable over the network and affect...
CVE-2026-31812 Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812 Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812 Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
CVE-2026-31812
Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed...
Quinn 安全漏洞
Quinn is a pure Rust implementation of the IETF QUIC transport protocol, developed by quinn-rs. Versions of Quinn prior to 0.11.14 contained a security vulnerability. This vulnerability stemmed from decoding varints during the parsing of specially crafted QUIC initial packets, which could lead to...
RUSTSEC-2026-0037 Denial of service in Quinn endpoints
Receiving QUIC transport parameters containing invalid values could lead to a panic. Unfortunately the maintainers did not properly assess usage of unwrap calls in the transport parameters parsing code, and we did not have sufficient fuzzing coverage to find this issue. We have since added a...