Kura now uses quinn-proto 0.11.15, which patches a high-severity vulnerability (RUSTSEC-2026-0185) that could allow a remote peer to exhaust memory through unbounded QUIC stream reassembly. This keeps the Kura Docker image and audit checks clean without changing application behavior.
Hive
Security patch for quinn-proto remote memory exhaustion
Published
Jun 22, 2026 · 22:39 UTC
Repository
tuist/tuist