Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2023/12/12 5:30 p.m.3 views

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

7.5CVSS7.3AI score0.01137EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/12/12 5:24 p.m.5 views

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

7.5CVSS7.3AI score0.01137EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/10/31 2:23 p.m.4 views

golang: crypto/tls: lack of a limit on buffered post-handshake

A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size...

7.5CVSS7.3AI score0.01137EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/09/07 2:34 a.m.6 views

SUSE CVE-2023-39322

QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size...

7.5CVSS6.8AI score0.01137EPSS
Exploits0References9
Rows per page
Query Builder