exploitDog

CVE-2020-24944

Опубликовано: 08 фев. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame functions and epoch==3.

Ссылки

https://github.com/private-octopus/picoquic/issues/969
Exploit
Third Party Advisory
https://github.com/private-octopus/picoquic/issues/969
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:privateoctopus:picoquic:*:*:*:*:*:*:*:*

Версия до 2020-07-03 (исключая)

EPSS

Процентиль: 56%

0.00334

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-835

Связанные уязвимости

GHSA-85r2-3v9j-hfrq

github

больше 3 лет назад

picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame functions and epoch==3.

EPSS

Процентиль: 56%

0.00334

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-835