CVE-2025-29908 Netty QUIC hash collision DoS attack

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability in the hash map used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections...

CVE-2025-29908

CVE-2025-29908 affects the Netty QUIC codec (netty-incubator-codec-quic) which uses quiche. The issue is a hash collision in the hash map that manages connections, allowing a remote attacker to induce a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs), causing consi...

Netty QUIC codec 安全漏洞

Netty QUIC codec is a new experimental QUIC codec for Netty open source. A security vulnerability exists in versions prior to Netty QUIC codec 0.0.71.Final, which stems from a hash collision vulnerability that could lead to excessive server CPU load...

Malicious code in wm-webpack-player-sri (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2ce8f86b27a02853a91d351ebf67ea4c8b697d62b1c65c295b7a01cfa89148ec The OpenSSF Package Analysis project identified 'wm-webpack-player-sri' @ 0.0.71 npm as malicious. It is considered malicious because: - The...