VDB
CVE-2025-29785
CVE-2025-29785
PUBLISHED
CVSS 7.5 HIGH
quic-go Has Panic in Path Probe Loss Recovery Handling
EPSS 0.14% · 33.1th percentile
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.14%
33.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | quic-go/quic-go | 0.50.0, 0.50.0 |
| quic-go | quic-go | = 0.50.0, * |
Timeline
- Jan 21, 1970 Security Advisory
- Jun 2, 2025 EPSS Score
- Jun 2, 2025 Coalition ESS Score
- Jun 2, 2025 CVE Published
- Jun 2, 2025 PoC Published
- Jun 2, 2025 PoC Published
- Jun 13, 2025 EPSS Score
- Jun 23, 2025 EPSS Score
- Jul 4, 2025 EPSS Score
- Jul 15, 2025 EPSS Score
- Jul 26, 2025 EPSS Score
- Aug 5, 2025 EPSS Score
References
- https://github.com/quic-go/quic-go/security/advisories/GHSA-j972-j939-p2v3 url
- https://github.com/quic-go/quic-go/issues/4981 url
- https://github.com/quic-go/quic-go/commit/b90058aba5f65f48e0e150c89bbaa21a72dda4de url
- https://nvd.nist.gov/vuln/detail/CVE-2025-29785 advisory
- https://github.com/quic-go/quic-go package