GHSA-475v-pq2g-fp9g: s2n-quic potential denial of service via crafted stream frames

November 8, 2023

An issue in s2n-quic could result in unnecessary resource utilization when peers open streams beyond advertised limits.

Impacted versions: <= v1.30.0.

References

github.com/advisories/GHSA-475v-pq2g-fp9g
github.com/aws/s2n-quic
github.com/aws/s2n-quic/commit/73e66b066de4940d129dbf33d91c39170eb4c38d
github.com/aws/s2n-quic/releases/tag/v1.31.0
github.com/aws/s2n-quic/security/advisories/GHSA-475v-pq2g-fp9g

Code Behaviors & Features

Detect and mitigate GHSA-475v-pq2g-fp9g with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →