Tag: xquic
1 article

Unpatched XQUIC Flaw Exposes HTTP/3 Servers to Remote Crashes
A single, tiny error - just 260 bytes of ordinary QPACK traffic - can take down an HTTP/3 server, thanks to a flaw in Alibaba's XQUIC library, dubbed XRING. This unpatched vulnerability can cause remote crashes without needing a login or malformed packets.