rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
e1a39a608578ce903f445978702bac79d09263d3
advisory-db/crates/quinn-proto/RUSTSEC-2023-0063.md
Alexis Mousset e1a39a6085 Sync advisories ids from GitHub (#1881)
2024-02-10 10:57:43 -05:00

620 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2023-0063"
package = "quinn-proto"
date = "2023-09-21"
url = "https://github.com/quinn-rs/quinn/pull/1667"
categories = ["denial-of-service"]
keywords = ["panic"]
aliases = ["CVE-2023-42805", "GHSA-q8wc-j5m9-27w3"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"

[versions]
patched = ["^0.9.5", ">= 0.10.5"]

Denial of service in Quinn servers

Receiving QUIC frames containing a frame with unknown frame type could lead to a panic. Unfortunately this is issue was not found by our fuzzing infrastructure.

Thanks to the QUIC Tester research group for reporting this issue.