OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-02-23 15:38:27 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
41cc7a12a2d0b47bc4523a8e2914965de442c2dc
advisory-db/crates/quinn-proto/RUSTSEC-2023-0063.md
github-actions[bot] 81594d9fd5 Assigned RUSTSEC-2023-0063 to quinn-proto (#1788) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
2023-09-21 11:37:21 +00:00

602 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2023-0063"
package = "quinn-proto"
date = "2023-09-21"
url = "https://github.com/quinn-rs/quinn/pull/1667"
categories = ["denial-of-service"]
keywords = ["panic"]
aliases = ["GHSA-q8wc-j5m9-27w3"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"

[versions]
patched = ["^0.9.5", ">= 0.10.5"]

Denial of service in Quinn servers

Receiving QUIC frames containing a frame with unknown frame type could lead to a panic. Unfortunately this is issue was not found by our fuzzing infrastructure.

Thanks to the QUIC Tester research group for reporting this issue.