HIGH
quinn-rs
CVE published 2026-03-10
CVE-2026-31812
CVE-2026-31812 is a denial of service vulnerability in Quinn, a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. A remote, unauthenticated attacker can trigger this vulnerability by sending a crafted QUIC Initial packet containing malformed quic_transport_parameters. The vulnerability is caused by the quinn-proto parsing logic decoding attacker-controlled varints with unwrap [truncated]