Vulnerability Details CVE-2023-39321
Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.8%
CVSS Severity
CVSS v3 Score 7.5
References
- https://go.dev/cl/523039
- https://go.dev/issue/62266
- https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ
- https://pkg.go.dev/vuln/GO-2023-2044
- https://security.gentoo.org/glsa/202311-09
- https://security.netapp.com/advisory/ntap-20231020-0004/
- https://go.dev/cl/523039
- https://go.dev/issue/62266
- https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ
- https://pkg.go.dev/vuln/GO-2023-2044
- https://security.gentoo.org/glsa/202311-09
- https://security.netapp.com/advisory/ntap-20231020-0004/