CVE-2023-42805

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 21, 2023

Updated: Sep 25, 2023

CWE ID 20

Summary

CVE-2023-42805 affects quinn-proto, a state machine for QUIC transport protocol. Versions prior to 0.9.5 and 0.10.5 are vulnerable to a panic condition caused by receiving unknown QUIC frames within a packet. This issue has been resolved in the respective maintenance releases, 0.9.5 and 0.10.5. Unhandled QUIC frames can lead to unexpected application behavior, potentially resulting in denial of service or other malicious actions. Users are encouraged to update their quinn-proto installations to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sr8Mzk
https://www.cve.org/CVERecord?id=CVE-2023-42805
https://nvd.nist.gov/vuln/detail/CVE-2023-42805

Back to Vulnerability Database

CVE-2023-42805

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations