NuGet package
microsoft.native.quic.msquic.openssl
pkg:nuget/microsoft.native.quic.msquic.openssl
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-32179 | cri | — | >= 2.5.0-ci.532574, < 2.5.7 | 2.5.7 | Apr 16, 2026 | ### Summary Improper input validation in Microsoft QUIC allows an unauthorized attacker to elevate privileges over a network. ### Details Improper Input Validation Integer Underflow (Wrap or Wraparound) when decoding ACK frame. #### Patches - Fix underflow in ACK frame parsing | |
| CVE-2023-36435 | — | < 2.2.3 | 2.2.3 | Oct 10, 2023 | Microsoft QUIC Denial of Service Vulnerability | ||
| CVE-2023-38171 | — | < 2.2.3 | 2.2.3 | Oct 10, 2023 | Microsoft QUIC Denial of Service Vulnerability |
- affected >= 2.5.0-ci.532574, < 2.5.7fixed 2.5.7
### Summary Improper input validation in Microsoft QUIC allows an unauthorized attacker to elevate privileges over a network. ### Details Improper Input Validation Integer Underflow (Wrap or Wraparound) when decoding ACK frame. #### Patches - Fix underflow in ACK frame parsing
- CVE-2023-36435Oct 10, 2023affected < 2.2.3fixed 2.2.3
Microsoft QUIC Denial of Service Vulnerability
- CVE-2023-38171Oct 10, 2023affected < 2.2.3fixed 2.2.3
Microsoft QUIC Denial of Service Vulnerability