Home > Vulnerability Database > WS-2023-0264

Mend.io Vulnerability Database

WS-2023-0264

Good to know:

Date: July 25, 2023

An issue in s2n-quic results in the endpoint shutting down due to a combination of peer-initiated connection migration and duplicate new connection ID frames being received. No AWS services are affected by this issue, and customers of AWS services do not need to take action. The patch is included in v1.25.0.

Language: RUST

Severity Score

7.5

Related Resources (2)

Url: https://github.com/aws/s2n-quic/commit/73a814240c5db6fae261a6e4ab567b0b094a35db

Url: https://www.mend.io/vulnerability-database/WS-2023-0264

Severity Score

7.5

Weakness Type (CWE)

Uncontrolled Resource Consumption ('Resource Exhaustion')

CWE-400

Top Fix

Upgrade Version

Upgrade to version s2n-quic - 1.25.0

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2023-0264

Good to know:

Date: July 25, 2023

Language: RUST

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?