View | Details | Raw Unified | Return to bug 277692 | Differences between
and this patch

Collapse All | Expand All

(-)b/security/vuxml/vuln/2024.xml (+31 lines)
Lines 1-3 Link Here
1 
  <vuln vid="34f98d06-eb56-11ee-8007-6805ca2fa271">
2 
    <topic>quiche -- Multiple Vulnerabilities</topic>
3 
    <affects>
4 
      <package>
5 
       <name>quiche</name>
6 
       <range><lt>0.20.1</lt></range>
7 
      </package>
8 
    </affects>
9 
    <description>
10 
	<body xmlns="http://www.w3.org/1999/xhtml">
11 
	<p>Quiche Releases reports:</p>
12 
	<blockquote cite="https://github.com/cloudflare/quiche/releases/tag/0.20.1">
13 
	 <p>This release includes 2 security fixes:</p>
14 
	 <ul>
15 
	    <li>CVE-2024-1410: Unbounded storage of information related to connection ID retirement, in quiche. Reported by Marten Seeman (@marten-seeman)</li>
16 
	    <li>CVE-2024-1765: Unlimited resource allocation by QUIC CRYPTO frames flooding in quiche. Reported by Marten Seeman (@marten-seeman)</li>
17 
	 </ul>
18 
	</blockquote>
19 
	</body>
20 
    </description>
21 
    <references>
22 
      <cvename>CVE-2024-1410</cvename>
23 
      <cvename>CVE-2024-1765</cvename>
24 
      <url>https://github.com/cloudflare/quiche/releases/tag/0.20.1</url>
25 
    </references>
26 
    <dates>
27 
      <discovery>2024-03-12</discovery>
28 
      <entry>2024-03-26</entry>
29 
    </dates>
30 
  </vuln>
31 

            

        

          1
          
  <vuln vid="80815c47-e84f-11ee-8e76-a8a1599412c6">

          32
          
  <vuln vid="80815c47-e84f-11ee-8e76-a8a1599412c6">

        

        

          2
          
    <topic>chromium -- multiple security fixes</topic>

          33
          
    <topic>chromium -- multiple security fixes</topic>

        

        

          3
          
    <affects>

          34
          
    <affects>

        






  

  Return to bug 277692