{"id":8825,"date":"2026-07-10T12:11:26","date_gmt":"2026-07-10T12:11:26","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/07\/10\/unpatched-xring-flaw-in-xquic-lets-remote-clients-crash-http-3-servers\/"},"modified":"2026-07-10T12:11:26","modified_gmt":"2026-07-10T12:11:26","slug":"unpatched-xring-flaw-in-xquic-lets-remote-clients-crash-http-3-servers","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/07\/10\/unpatched-xring-flaw-in-xquic-lets-remote-clients-crash-http-3-servers\/","title":{"rendered":"Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP\/3 Servers"},"content":{"rendered":"<p>\u200bA single wrong variable on one line in XQUIC, Alibaba&#8217;s QUIC and HTTP\/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch.<\/p>\n<p>FoxIO researcher S\u00e9bastien F\u00e9ry\u00a0disclosed the flaw on July 8\u00a0and nicknamed it XRING. He says it needs no login and no malformed packets: about 260 bytes of ordinary QPACK traffic takes the server\u00a0A single wrong variable on one line in XQUIC, Alibaba&#8217;s QUIC and HTTP\/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch.<\/p>\n<p>FoxIO researcher S\u00e9bastien F\u00e9ry\u00a0disclosed the flaw on July 8\u00a0and nicknamed it XRING. He says it needs no login and no malformed packets: about 260 bytes of ordinary QPACK traffic takes the server\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bA single wrong variable on one line in XQUIC, Alibaba&#8217;s QUIC and HTTP\/3 library, lets any remote client crash the server with a short burst of completely legal traffic. There is no patch. FoxIO researcher S\u00e9bastien F\u00e9ry\u00a0disclosed the flaw on July 8\u00a0and nicknamed it XRING. He says it needs no login and no malformed packets:&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/07\/10\/unpatched-xring-flaw-in-xquic-lets-remote-clients-crash-http-3-servers\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP\/3 Servers<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":8826,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/8825"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=8825"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/8825\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/8826"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=8825"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=8825"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=8825"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}