Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:nuget/Microsoft.Native.Quic.MsQuic.OpenSSL@1.8.0
purl pkg:nuget/Microsoft.Native.Quic.MsQuic.OpenSSL@1.8.0
Next non-vulnerable version None.
Latest non-vulnerable version None.
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-3gdg-wj5w-kqe8
Aliases:
GHSA-2x7m-gf85-3745
Remote Denial of Service Vulnerability in Microsoft QUIC ### Impact The MsQuic server will continue to leak memory until no more is available, resulting in a denial of service. ### Patches The following patch was made: - Fix Memory Leak from Multiple Decodes of TP - https://github.com/microsoft/msquic/commit/5d070d661c45979946615289e92bb6b822efe9e9 ### Workarounds Beyond upgrading to the patched versions, there is no other workaround. ### MSRC CVE Info https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190
2.1.12
Affected by 0 other vulnerabilities.
2.2.7
Affected by 0 other vulnerabilities.
2.3.5
Affected by 0 other vulnerabilities.
VCID-nbrm-hm8z-63h9
Aliases:
CVE-2023-36435
GHSA-fr44-546p-7xcp
MsQuic Remote Denial of Service Vulnerability Microsoft QUIC Denial of Service Vulnerability
2.2.3
Affected by 0 other vulnerabilities.
VCID-yc75-kr14-auh5
Aliases:
CVE-2023-38171
GHSA-xh5m-8qqp-c5x7
Remote Denial of Service Vulnerability in Microsoft.Native.Quic.MsQuic.Schannel Microsoft QUIC Denial of Service Vulnerability
2.2.3
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T22:53:52.368899+00:00 GitLab Importer Affected by VCID-3gdg-wj5w-kqe8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/GHSA-2x7m-gf85-3745.yml 38.4.0
2026-04-16T22:40:29.874718+00:00 GitLab Importer Affected by VCID-yc75-kr14-auh5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/CVE-2023-38171.yml 38.4.0
2026-04-16T22:40:14.347247+00:00 GitLab Importer Affected by VCID-nbrm-hm8z-63h9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/CVE-2023-36435.yml 38.4.0
2026-04-12T00:12:16.316628+00:00 GitLab Importer Affected by VCID-3gdg-wj5w-kqe8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/GHSA-2x7m-gf85-3745.yml 38.3.0
2026-04-11T23:59:57.742692+00:00 GitLab Importer Affected by VCID-yc75-kr14-auh5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/CVE-2023-38171.yml 38.3.0
2026-04-11T23:59:41.520864+00:00 GitLab Importer Affected by VCID-nbrm-hm8z-63h9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/CVE-2023-36435.yml 38.3.0
2026-04-03T00:18:37.466271+00:00 GitLab Importer Affected by VCID-3gdg-wj5w-kqe8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/GHSA-2x7m-gf85-3745.yml 38.1.0
2026-04-03T00:03:00.494529+00:00 GitLab Importer Affected by VCID-yc75-kr14-auh5 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/CVE-2023-38171.yml 38.1.0
2026-04-03T00:02:45.174520+00:00 GitLab Importer Affected by VCID-nbrm-hm8z-63h9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/Microsoft.Native.Quic.MsQuic.OpenSSL/CVE-2023-36435.yml 38.1.0