PT-2023-28591 · Unknown+1 · Quinn-Proto+1
Quictester
·
Published
2023-09-21
·
Updated
2023-09-25
·
CVE-2023-42805
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
quinn-proto versions prior to 0.9.5
quinn-proto versions prior to 0.10.5
Description
Receiving unknown QUIC frames in a QUIC packet could result in a panic. The issue was reported by the QUIC Tester research group and was not found by the fuzzing infrastructure.
Recommendations
For quinn-proto versions prior to 0.9.5, update to version 0.9.5 or later to resolve the issue.
For quinn-proto versions prior to 0.10.5, update to version 0.10.5 or later to resolve the issue.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Quinn-Proto