Denial of Service Vulnerability in Quicly by H2O
CVE-2025-61684
7.5HIGH
What is CVE-2025-61684?
Quicly, an implementation of the IETF QUIC protocol, is vulnerable to a denial-of-service attack that could allow a remote attacker to crash processes utilizing the protocol. This vulnerability is caused by certain assertion failures, which can be triggered through malicious inputs. The issue has been addressed in a fix available in commit d9d3df6a8530a102b57d840e39b0311ce5c9e14e, emphasizing the importance of updating to this secure version to mitigate the risk.
Affected Version(s)
quicly < d9d3df6
