mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
28 lines
915 B
JSON
28 lines
915 B
JSON
{
|
|
"id": "CVE-2024-25679",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2024-02-09T10:15:08.740",
|
|
"lastModified": "2024-02-09T14:26:32.663",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to disrupt a connection with a PSK configuration by sending a CONNECTION_CLOSE frame that is encrypted via the initial key computed. Network traffic sniffing is needed as part of exploitation."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/p-quic/pquic/issues/35",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/p-quic/pquic/pull/39",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://www.rfc-editor.org/rfc/rfc9001#name-discarding-unused-keys",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |