[wp-trac] [WordPress Trac] #58769: HTTP/3 Early-Data/0-RTT replay attack
WordPress Trac
noreply at wordpress.org
Mon Jul 10 14:23:25 UTC 2023
#58769: HTTP/3 Early-Data/0-RTT replay attack
--------------------------+------------------------------
Reporter: kkmuffme | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: trunk
Severity: major | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by kkmuffme):
EDIT: just found out 0-RTT is enabled by default on Cloudflare, so this is
something (especially the nonced GET requests) that need to be addresses
rather sooner than later.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/58769#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list