Cloudflare Quiche
7 CVEs affecting Cloudflare Quiche. Latest disclosed: 2026-06-19. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-4821 | High | 7.5 | 2025-06-18 | Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the pa… |
CVE-2025-7054 | Medium | 6.5 | 2025-08-07 | Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRE_CONNECTION_ID frames. QUIC connections possess a… |
CVE-2024-1765 | Medium | 5.9 | 2024-03-12 | Cloudflare Quiche (through version 0.19.1/0.20.0) was affected by an unlimited resource allocation vulnerability causing rapid increase of memory usage of the… |
CVE-2026-11941 | Medium | 5.6 | 2026-06-19 | Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The “quiche_connection_id_iter_next” and “qu… |
CVE-2025-4820 | Medium | 5.3 | 2025-06-18 | Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the pa… |
CVE-2023-6193 | Medium | 5.3 | 2023-12-12 | quiche v. 0.15.0 through 0.19.0 was discovered to be vulnerable to unbounded queuing of path validation messages, which could lead to excessive resource consum… |
CVE-2024-1410 | Low | 3.7 | 2024-03-12 | Cloudflare quiche was discovered to be vulnerable to unbounded storage of information related to connection ID retirement, which could lead to excessive resour… |