Known Vulnerabilities for Quic-go by Quic-go Project
Listed below are 2 of the newest known vulnerabilities associated with "Quic-go" by "Quic-go Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40170 json | ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_par... | Not Provided | 2026-04-16 | 2026-04-20 |
| CVE-2026-31812 json | Quinn is a pure-Rust, async-compatible implementation of the IETF QUIC transport protocol. Prior to 0.11.14, a remote, unauth... | Not Provided | 2026-03-10 | 2026-03-11 |
| CVE-2026-25667 json | ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessi... | Not Provided | 2026-03-19 | 2026-04-22 |
| CVE-2026-24030 json | An attacker might be able to trick DNSdist into allocating too much memory while processing DNS over QUIC or DNS over HTTP/3 ... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-6328 json | Improper input validation, Improper verification of cryptographic signature vulnerability in XQUIC Project XQUIC xquic on Lin... | Not Provided | 2026-04-15 | 2026-04-15 |
| CVE-2023-46239 json | quic-go is an implementation of the QUIC protocol in Go. Starting in version 0.37.0 and prior to version 0.37.3, by serializi... | 7.5 - HIGH | 2023-10-31 | 2023-11-09 |
| CVE-2022-30591 json | ** DISPUTED ** quic-go through 0.27.0 allows remote attackers to cause a denial of service (CPU consumption) via a Slowloris ... | 7.5 - HIGH | 2022-07-06 | 2023-11-07 |