Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Netty QUIC hash collision DoS attack
Vulnerability Description
Netty QUIC codec is a QUIC codec for netty which makes use of quiche. An issue was discovered in the codec. A hash collision vulnerability (in the hash map used to manage connections) allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). This vulnerability is fixed in 0.0.71.Final.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
算法复杂性
Vulnerability Title
Netty QUIC codec 安全漏洞
Vulnerability Description
Netty QUIC codec是Netty开源的一个新实验性 QUIC 编解码器。 Netty QUIC codec 0.0.71.Final之前版本存在安全漏洞,该漏洞源于哈希碰撞漏洞,可能导致服务器CPU负载过高。
CVSS Information
N/A
Vulnerability Type
N/A