Quinn Security Vulnerabilities and Issues — Quinn CVE List

Lucene search

Quinn ProjectQuinn

3 matches found

CVE•added 2024/09/02 6:15 p.m.•204 views

CVE-2024-45311

Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. As of quinn-proto 0.11, it is possible for a server to accept(), retry(), refuse(), or ignore() an Incoming connection. However, calling retry() on an unvalidated connection exposes the server to a likely pan...

7.5CVSS7.3AI score0.00136EPSS

CVE•added 2023/09/21 5:15 p.m.•46 views

CVE-2023-42805

quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases.

7.5CVSS7.3AI score0.00185EPSS

CVE•added 2021/03/05 9:15 a.m.•37 views

CVE-2021-28036

An issue was discovered in the quinn crate before 0.7.0 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures.

7.5CVSS7.4AI score0.00353EPSS