exploitDog

CVE-2025-29908

Опубликовано: 31 мар. 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability (in the hash map used to manage connections) allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). This vulnerability is fixed in 0.0.71.Final.

Ссылки

EPSS

Процентиль: 65%

0.00488

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-407

Связанные уязвимости

GHSA-hqqc-jr88-p6x2

CVSS3: 5.3

github

10 месяцев назад

Netty QUIC hash collision DoS attack

EPSS

Процентиль: 65%

0.00488

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-407