This page aggregates publicly disclosed CVE and security risk information related to privateoctopus, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-24946 | The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). | [email protected] | 5.3 | 0.51% | 2025-02-19 | 2026-06-17 |
| CVE-2020-24944 | picoquic (before 3rd of July 2020) allows attackers to cause a denial of service (infinite loop) via a crafted QUIC frame, related to the picoquic_decode_frames and picoquic_decode_stream_frame functions and epoch==3. | [email protected] | 7.5 | 1.46% | 2021-02-08 | 2026-06-16 |