GHSA-6xvm-j4wr-6v98

ADVISORY - rustsec

Summary

Receiving QUIC transport parameters containing invalid values could lead to a panic.

Unfortunately the maintainers did not properly assess usage of unwrap() calls in the transport parameters parsing code, and we did not have sufficient fuzzing coverage to find this issue. We have since added a fuzzing target to cover this code path.

Common Weakness Enumeration (CWE)

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.