Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.4 views

Fedora 43 : bpfman (2026-2fef29d32a)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2fef29d32a advisory. Fix CVE-2026-31812: Bump quinn-proto to 0.11.14 - Closes rhbz2446359 Tenable has extracted the preceding description block directly from the Fedora security...

8.7CVSS5.9AI score0.005EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/11 12:9 a.m.4 views

agnostic (>=0.2.5 <=0.2.6), async-streamdata (>=0.5.0 <=0.5.1) +65 more potentially affected by CVE-2026-31812 via quinn-proto (=0.10.6)

quinn-proto CARGO version =0.10.6 is affected by a known vulnerability. The following packages have a transitive dependency on quinn-proto and may be impacted: - agnostic =0.2.5, =0.5.0, =0.11.20, =0.10.6, =0.1.0, =0.2.7, =0.6.0, =0.4.0, =0.5.0 - durianmacros =0.4.1 - durianprocmacros =0.2.1 -...

8.7CVSS7.5AI score0.005EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/03/11 12:9 a.m.6 views

Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing

Summary A remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quictransportparameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap, so...

8.7CVSS5.8AI score0.005EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.4 views

Fedora 45 : bpfman (2026-0523662d59)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0523662d59 advisory. Automatic update for bpfman-0.5.4-6.fc45. Changelog Wed Mar 11 2026 Daniel Mellado - 0.5.4-6 - Fix CVE-2026-31812: Bump quinn-proto to 0.11.14 - Closes...

8.7CVSS5.9AI score0.005EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:21 a.m.4 views

CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS6.6AI score0.0076EPSS
Exploits0
OSV
OSV
added 2024/09/03 8:49 p.m.14 views

GHSA-VR26-JCQ5-FJJ8 Denial of service in quinn-proto when using `Endpoint::retry()`

Summary As of quinn-proto 0.11, it is possible for a server to accept, retry, refuse, or ignore an Incoming connection. However, calling retry on an unvalidated connection exposes the server to a likely panic in the following situations: - Calling refuse or ignore on the resulting validated...

8.7CVSS7.3AI score0.00568EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2024/09/03 8:49 p.m.15 views

Denial of service in quinn-proto when using `Endpoint::retry()`

Summary As of quinn-proto 0.11, it is possible for a server to accept, retry, refuse, or ignore an Incoming connection. However, calling retry on an unvalidated connection exposes the server to a likely panic in the following situations: - Calling refuse or ignore on the resulting validated...

7.5CVSS7AI score0.00568EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2024/09/02 4:45 p.m.28 views

CVE-2024-45311 Denial of service in quinn-proto when using `Endpoint::retry()`

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. As of quinn-proto 0.11, it is possible for a server to accept, retry, refuse, or ignore an Incoming connection. However, calling retry on an unvalidated connection exposes the server to a likely panic in th...

7.5CVSS0.00568EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/02 4:45 p.m.18 views

CVE-2024-45311 Denial of service in quinn-proto when using `Endpoint::retry()`

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. As of quinn-proto 0.11, it is possible for a server to accept, retry, refuse, or ignore an Incoming connection. However, calling retry on an unvalidated connection exposes the server to a likely panic in th...

7.5CVSS7AI score0.00568EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/09/02 12:0 a.m.4 views

PT-2024-31563 · Unknown · Quinn-Proto

Name of the Vulnerable Software and Affected Versions: quinn-proto version 0.11 Description: The issue arises when a server calls retry on an unvalidated connection, exposing it to a likely panic in two situations: 1. When refuse or ignore is called on the resulting validated connection and a...

8.7CVSS6.8AI score0.00568EPSS
Exploits0References17
OSV
OSV
added 2023/09/21 5:15 p.m.3 views

DEBIAN-CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS7.1AI score0.0076EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/09/21 5:15 p.m.14 views

CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS6.9AI score0.0076EPSS
Exploits0References6
OSV
OSV
added 2023/09/21 5:15 p.m.3 views

UBUNTU-CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS5.7AI score0.0076EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2023/09/21 4:39 p.m.17 views

CVE-2023-42805 quinn-proto Denial of Service vulnerability

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS6.6AI score0.0076EPSS
Exploits0References4
OSV
OSV
added 2023/09/21 4:39 p.m.22 views

CVE-2023-42805 quinn-proto Denial of Service vulnerability

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS7.3AI score0.0076EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/09/21 4:39 p.m.37 views

CVE-2023-42805 quinn-proto Denial of Service vulnerability

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS7.6AI score0.0076EPSS
Exploits0References4
CVE
CVE
added 2023/09/21 4:39 p.m.66 views

CVE-2023-42805

CVE-2023-42805 affects the QUIC state machine implementation in quinn-proto . The issue arises when a QUIC packet contains unknown frames, which could cause a panic in versions prior to maintenance releases. The vulnerability is addressed by fixes in 0.9.5 and 0.10.5 maintenance releases. There i...

7.5CVSS7.3AI score0.0076EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2023/09/21 4:39 p.m.13 views

CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS7.3AI score0.0076EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/09/21 12:0 a.m.6 views

PT-2023-28591 · Unknown +1 · Quinn-Proto +1

Name of the Vulnerable Software and Affected Versions: quinn-proto versions prior to 0.9.5 quinn-proto versions prior to 0.10.5 Description: Receiving unknown QUIC frames in a QUIC packet could result in a panic. The issue was reported by the QUIC Tester research group and was not found by the...

7.5CVSS7.2AI score0.0076EPSS
Exploits0References21
Rows per page
Query Builder