Описание
Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.
A packet size handling flaw has been discovered in neqo-transport. If a server is prompted to send a packet larger than the maximum variant allowed, it will attempt to do so and panic, resulting in a program crash.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 10 | gjs | Fix deferred | ||
| Red Hat Enterprise Linux 10 | thunderbird | Fix deferred | ||
| Red Hat Enterprise Linux 7 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 8 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 8 | thunderbird | Fix deferred | ||
| Red Hat Enterprise Linux 9 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 9 | gjs | Fix deferred | ||
| Red Hat Enterprise Linux 9 | polkit | Fix deferred | ||
| Red Hat Enterprise Linux 9 | thunderbird | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
3.5 Low
CVSS3
Связанные уязвимости
Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: from 0.4.24 through 0.13.2.
EPSS
3.5 Low
CVSS3