FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

quiche -- Multiple Vulnerabilities

Affected packages
		quiche	<	0.20.1

Details

VuXML ID	34f98d06-eb56-11ee-8007-6805ca2fa271
Discovery	2024-03-12
Entry	2024-03-26

Quiche Releases reports:

This release includes 2 security fixes:

CVE-2024-1410: Unbounded storage of information related to connection ID retirement, in quiche. Reported by Marten Seeman (@marten-seeman)

CVE-2024-1765: Unlimited resource allocation by QUIC CRYPTO frames flooding in quiche. Reported by Marten Seeman (@marten-seeman)

[source]

References

CVE Name	CVE-2024-1410
CVE Name	CVE-2024-1765
URL	https://github.com/cloudflare/quiche/releases/tag/0.20.1