PT-2024-31600 · Quicly · Quicly

Quictester · Published 2024-10-11 · Updated 2024-11-12 · CVE-2024-45396

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Quicly versions up to commit d720707

Description: Quicly is an IETF QUIC protocol implementation. It is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes the process using quicly.

Recommendations: For Quicly versions up to commit d720707, update to a version that includes commit 2a95896104901589c495bc41460262e64ffcad5c to address the vulnerability. As a temporary workaround, consider implementing measures to prevent remote attackers from triggering assertion failures, such as restricting access to the quicly process or monitoring for suspicious activity.

Exploit

Fix

Assertion Failure

Weakness Enumeration

Related Identifiers

CVE-2024-45396
GHSA-MP3C-H5GG-MM6P

Affected Products

Quicly