4 matches found
EUVD-2026-36462
Netty: QUIC stateless reset token material exposed through header-visible connection IDs...
CVE-2026-50009
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the...
CVE-2025-24946
The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...
CVE-2025-24947
A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...