Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.4 views

Fedora 43 : bpfman (2026-2fef29d32a)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2fef29d32a advisory. Fix CVE-2026-31812: Bump quinn-proto to 0.11.14 - Closes rhbz2446359 Tenable has extracted the preceding description block directly from the Fedora security...

8.7CVSS5.9AI score0.005EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/11 12:9 a.m.4 views

agnostic (>=0.2.5 <=0.2.6), async-streamdata (>=0.5.0 <=0.5.1) +65 more potentially affected by CVE-2026-31812 via quinn-proto (=0.10.6)

quinn-proto CARGO version =0.10.6 is affected by a known vulnerability. The following packages have a transitive dependency on quinn-proto and may be impacted: - agnostic =0.2.5, =0.5.0, =0.11.20, =0.10.6, =0.1.0, =0.2.7, =0.6.0, =0.4.0, =0.5.0 - durianmacros =0.4.1 - durianprocmacros =0.2.1 -...

8.7CVSS7.5AI score0.005EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/03/11 12:9 a.m.5 views

Quinn affected by unauthenticated remote DoS via panic in QUIC transport parameter parsing

Summary A remote, unauthenticated attacker can trigger a denial of service in applications using vulnerable quinn versions by sending a crafted QUIC Initial packet containing malformed quictransportparameters. In quinn-proto parsing logic, attacker-controlled varints are decoded with unwrap, so...

8.7CVSS5.8AI score0.005EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.4 views

Fedora 45 : bpfman (2026-0523662d59)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0523662d59 advisory. Automatic update for bpfman-0.5.4-6.fc45. Changelog Wed Mar 11 2026 Daniel Mellado - 0.5.4-6 - Fix CVE-2026-31812: Bump quinn-proto to 0.11.14 - Closes...

8.7CVSS5.9AI score0.005EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:21 a.m.4 views

CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS6.6AI score0.0076EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2024/09/03 8:49 p.m.15 views

Denial of service in quinn-proto when using `Endpoint::retry()`

Summary As of quinn-proto 0.11, it is possible for a server to accept, retry, refuse, or ignore an Incoming connection. However, calling retry on an unvalidated connection exposes the server to a likely panic in the following situations: - Calling refuse or ignore on the resulting validated...

7.5CVSS7AI score0.00568EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/09/03 8:49 p.m.12 views

GHSA-VR26-JCQ5-FJJ8 Denial of service in quinn-proto when using `Endpoint::retry()`

Summary As of quinn-proto 0.11, it is possible for a server to accept, retry, refuse, or ignore an Incoming connection. However, calling retry on an unvalidated connection exposes the server to a likely panic in the following situations: - Calling refuse or ignore on the resulting validated...

8.7CVSS7.3AI score0.00568EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/09/02 4:45 p.m.18 views

CVE-2024-45311 Denial of service in quinn-proto when using `Endpoint::retry()`

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. As of quinn-proto 0.11, it is possible for a server to accept, retry, refuse, or ignore an Incoming connection. However, calling retry on an unvalidated connection exposes the server to a likely panic in th...

7.5CVSS7AI score0.00568EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/09/02 4:45 p.m.28 views

CVE-2024-45311 Denial of service in quinn-proto when using `Endpoint::retry()`

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. As of quinn-proto 0.11, it is possible for a server to accept, retry, refuse, or ignore an Incoming connection. However, calling retry on an unvalidated connection exposes the server to a likely panic in th...

7.5CVSS0.00568EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/09/02 12:0 a.m.4 views

PT-2024-31563 · Unknown · Quinn-Proto

Name of the Vulnerable Software and Affected Versions: quinn-proto version 0.11 Description: The issue arises when a server calls retry on an unvalidated connection, exposing it to a likely panic in two situations: 1. When refuse or ignore is called on the resulting validated connection and a...

8.7CVSS6.8AI score0.00568EPSS
Exploits0References17
OSV
OSV
added 2023/09/21 5:15 p.m.3 views

DEBIAN-CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS7.1AI score0.0076EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/09/21 5:15 p.m.13 views

CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS6.9AI score0.0076EPSS
Exploits0References6
OSV
OSV
added 2023/09/21 5:15 p.m.2 views

UBUNTU-CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS5.7AI score0.0076EPSS
Exploits0References7
CVE
CVE
added 2023/09/21 4:39 p.m.65 views

CVE-2023-42805

CVE-2023-42805 affects the QUIC state machine implementation in quinn-proto . The issue arises when a QUIC packet contains unknown frames, which could cause a panic in versions prior to maintenance releases. The vulnerability is addressed by fixes in 0.9.5 and 0.10.5 maintenance releases. There i...

7.5CVSS7.3AI score0.0076EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/21 4:39 p.m.17 views

CVE-2023-42805 quinn-proto Denial of Service vulnerability

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS6.6AI score0.0076EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/09/21 4:39 p.m.36 views

CVE-2023-42805 quinn-proto Denial of Service vulnerability

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS7.6AI score0.0076EPSS
Exploits0References4
OSV
OSV
added 2023/09/21 4:39 p.m.22 views

CVE-2023-42805 quinn-proto Denial of Service vulnerability

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS7.3AI score0.0076EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2023/09/21 4:39 p.m.12 views

CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases...

7.5CVSS7.3AI score0.0076EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/09/21 12:0 a.m.6 views

PT-2023-28591 · Unknown +1 · Quinn-Proto +1

Name of the Vulnerable Software and Affected Versions: quinn-proto versions prior to 0.9.5 quinn-proto versions prior to 0.10.5 Description: Receiving unknown QUIC frames in a QUIC packet could result in a panic. The issue was reported by the QUIC Tester research group and was not found by the...

7.5CVSS7.2AI score0.0076EPSS
Exploits0References21
Rows per page
Query Builder