CVE-2023-42805: Denial of Service issue in quinn-proto
(updated )
Receiving unknown QUIC frames in a QUIC packet could result in a panic.
References
- github.com/advisories/GHSA-q8wc-j5m9-27w3
- github.com/quinn-rs/quinn
- github.com/quinn-rs/quinn/pull/1667
- github.com/quinn-rs/quinn/pull/1668
- github.com/quinn-rs/quinn/pull/1669
- github.com/quinn-rs/quinn/security/advisories/GHSA-q8wc-j5m9-27w3
- nvd.nist.gov/vuln/detail/CVE-2023-42805
- rustsec.org/advisories/RUSTSEC-2023-0063.html
Detect and mitigate CVE-2023-42805 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →