Quic-go
This hub aggregates every CVE we track for Quic-go, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
0
Critical
5
High
0
In CISA KEV
Severity distribution
HIGH5MEDIUM4
Monthly trend
0
0
0
0
1
0
0
0
0
0
1
0
0
0
1
0
1
0
0
0
0
0
1
0
2024-082026-07
Latest CVEs
The 9 most recently published vulnerabilities affecting Quic-go.
- CVE-2026-40898quic-go: HTTP/3 QPACK Trailer Expansion Memory Exhaustion5.3
- CVE-2025-64702quic-go HTTP/3 QPACK Header Expansion DoS5.3
- CVE-2025-59530quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame7.5
- CVE-2025-29785quic-go Has Panic in Path Probe Loss Recovery Handling7.5
- CVE-2024-53259quic-go affected by an ICMP Packet Too Large Injection Attack on Linux6.5
- CVE-2024-22189QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack7.5
- CVE-2023-49295quic-go's path validation mechanism can cause denial of service6.4
- CVE-2023-46239quic-go vulnerable to pointer dereference that can lead to panic7.5
- CVE-2022-30591quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris variant in which incomplete QUIC or HTTP/3 requests are sent. This occurs because mtu_d...7.5
Product normalization is registry-driven with AI assist and human review. How it works