Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In QUIC in RFC 9000, the Latency Spin Bit specification (section 17.4) does not strictly constrain the bit value when the feature is disabled, which might allow remote attackers to construct a covert channel with data represented as changes to the bit value. NOTE: The "Sheridan, S., Keane, A. (2015). In Proceedings of the 14th European Conference on Cyber Warfare and Security (ECCWS), University of Hertfordshire, Hatfield, UK." paper says "Modern Internet communication protocols provide an almost infinite number of ways in which data can be hidden or embed whithin seemingly normal network traffic."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RFC 9000 安全漏洞
Vulnerability Description
RFC 9000是一种用于在互联网上进行快速且安全传输数据的协议。 RFC 9000 存在安全漏洞,该漏洞源于允许远程攻击者使用表示为位值更改的数据构建隐蔽通道,将数据隐藏或嵌入看似正常的网络流量中。
CVSS Information
N/A
Vulnerability Type
N/A