2 matches found
CVE-2026-40898
A flaw was found in quic-go, an implementation of the QUIC protocol in Go. A remote attacker can exploit this by sending specially crafted HTTP/3 trailer fields. This can cause the system to allocate excessive memory, leading to a denial-of-service DoS condition where the affected server or clien...
quic-go security vulnerability
quic-go is an implementation of the QUIC protocol, RFC 9000 protocol in Go by Lucas Clemente, a personal developer. A security vulnerability exists in versions of quic-go prior to 0.37.0 to 0.37.3, which stems from a vulnerability that allows an attacker to serialize ACK frames on completion of a...