CVE-2026-31960
Unbounded Read in Quill Causes Denial of Service
Publication date: 2026-03-11
Last updated on: 2026-03-16
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anchore | quill | up to 0.7.1 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-31960 is a denial-of-service (DoS) vulnerability in Quill versions before v0.7.1. It occurs because Quill reads the entire HTTP response body from Apple's notarization service into memory without any size limit during the notarization process.

If an attacker can modify the API responses, they can send an arbitrarily large payload, causing Quill to run out of memory and crash.

Exploitation requires the ability to intercept or modify Apple's notarization API responses, which is generally prevented by HTTPS with proper TLS certificate validation. However, environments with TLS-intercepting proxies, compromised certificate authorities, or other trust boundary violations are vulnerable.

Both the Quill CLI and library are affected when performing notarization operations. The vulnerability was fixed in version v0.7.1. [1]
How can this vulnerability impact me?
This vulnerability impacts the availability of the Quill client during the Apple notarization process.
An attacker who can control or modify the notarization API responses can cause Quill to consume excessive memory and crash, resulting in denial of service.
There is no impact on confidentiality or integrity, so data is not exposed or altered.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying the use of Quill versions prior to v0.7.1 performing Apple notarization operations, especially in environments where TLS-intercepting proxies or compromised certificate authorities exist.

Since exploitation requires modification of Apple's notarization API responses, monitoring for unusual or large HTTP response bodies during notarization processes may help detect attempts.

No specific detection commands or tools are provided in the available information. [1]
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade Quill to version v0.7.1 or later, where this vulnerability is fixed.

Since no workarounds are available, ensuring that the environment does not allow interception or modification of Apple's notarization API responses (e.g., avoiding TLS-intercepting proxies or compromised certificate authorities) can reduce risk. [1]
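The CWE-770 pattern described in the explanation above (an uncapped read of a response body, e.g. a bare io.ReadAll, that lets the server dictate the allocation) and the fix class the mitigation refers to can be shown in Go, the language Quill is written in. The following is an added example, not Quill's own code or the upstream patch; readBodyBounded, fetchBounded and the httptest server standing in for a tampered API are assumed names and constructed inputs.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
)

// ErrBodyTooLarge is returned when a response body exceeds the configured cap.
var ErrBodyTooLarge = errors.New("response body exceeds size limit")

// readBodyBounded reads at most limit bytes and rejects longer bodies. It reads
// limit+1 bytes so an over-long body is detected instead of silently truncated.
// The vulnerable form is the same call without LimitReader: io.ReadAll(body).
func readBodyBounded(body io.Reader, limit int64) ([]byte, error) {
	buf, err := io.ReadAll(io.LimitReader(body, limit+1))
	if err != nil {
		return nil, err
	}
	if int64(len(buf)) > limit {
		return nil, ErrBodyTooLarge
	}
	return buf, nil
}

// fetchBounded is a hypothetical client helper (not Quill's code) that applies the
// cap to a live HTTP response, as a notarization client would to API replies.
func fetchBounded(client *http.Client, url string, limit int64) ([]byte, error) {
	resp, err := client.Get(url)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	return readBodyBounded(resp.Body, limit)
}

func main() {
	// Constructed server standing in for a tampered API: it answers with a 4 MiB body.
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
		w.Write([]byte(strings.Repeat("A", 4<<20)))
	}))
	defer srv.Close()
	_, err := fetchBounded(srv.Client(), srv.URL, 1<<20) // 1 MiB cap
	fmt.Println("4 MiB body against 1 MiB cap:", err)
	body, _ := readBodyBounded(strings.NewReader(`{"status":"Accepted"}`), 1<<20)
	fmt.Println("normal body:", string(body))
}
```

The cap only bounds the client's own allocation; it does not replace TLS certificate validation, which is what keeps an untrusted party from controlling the response in the first place.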