All 7 CVE vulnerabilities found in quic-go, with AI-generated Chinese analysis, references, and POCs.
Vendor: quic-go
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-64702 | quic-go HTTP/3 QPACK Header Expansion DoS CWE-770 | 5.3 | Medium | 2025-12-11 |
| CVE-2025-59530 | quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame CWE-617 | 7.5 | High | 2025-10-10 |
| CVE-2025-29785 | quic-go Has Panic in Path Probe Loss Recovery Handling CWE-248 | 7.5 | High | 2025-06-02 |
| CVE-2024-53259 | quic-go affected by an ICMP Packet Too Large Injection Attack on Linux CWE-345 | 6.5 | Medium | 2024-12-02 |
| CVE-2024-22189 | QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack CWE-770 | 7.5 | High | 2024-04-04 |
| CVE-2023-49295 | quic-go's path validation mechanism can cause denial of service CWE-400 | 6.4 | Medium | 2024-01-10 |
| CVE-2023-46239 | quic-go vulnerable to pointer dereference that can lead to panic CWE-248 | 7.5 | High | 2023-10-31 |
All 7 known CVE vulnerabilities affecting quic-go with full Chinese analysis, references, and POCs where available.