Vulnerabilities in quic-go
11 resultsCVE-2023-49295MEDIUMquic-go's path validation mechanism can cause denial of serviceEPSS 1.2%CVE-2024-22189HIGHQUIC's Connection ID Mechanism vulnerable to Memory Exhaustion AttackEPSS 1.1%CVE-2023-46239HIGHquic-go vulnerable to pointer dereference that can lead to panicEPSS 0.8%CVE-2024-53259MEDIUMquic-go affected by an ICMP Packet Too Large Injection Attack on LinuxEPSS 0.6%CVE-2025-59530HIGHquic-go has Client Crash Due to Premature HANDSHAKE_DONE FrameEPSS 0.4%CVE-2026-21434MEDIUMwebtransport-go affected by Memory Exhaustion Attack due to Missing Length Check in WT_CLOSE_SESSION CapsuleEPSS 0.4%CVE-2026-21435MEDIUMwebtransport-go CloseWithError can block indefinitelyEPSS 0.4%CVE-2025-29785HIGHquic-go Has Panic in Path Probe Loss Recovery HandlingEPSS 0.4%CVE-2026-21438MEDIUMwebtransport-go affected by a Memory Exhaustion Attack due to Missing Cleanup of Streams MapEPSS 0.4%CVE-2025-64702MEDIUMquic-go HTTP/3 QPACK Header Expansion DoSEPSS 0.3%CVE-2026-40898MEDIUMquic-go: HTTP/3 QPACK Trailer Expansion Memory ExhaustionEPSS 0.3%