Updated: 2026-02-27 03:19:47.712223
Description:
Processing an incomplete post-handshake message for a QUIC connection can cause a panic.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0.0 | |
| CVSS Version 3.x | HIGH | 7.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | golang | 1.19.13 | 7.5 | HIGH | Not Vulnerable | 2025-05-21 01:40:39 | Not vulnerable. CVE-2023-39321 targets the Go standard library’s crypto/tls QUIC support (QUICConn... | |
| AlmaLinux 9.2 ESU | buildah | 1.29.1 | 7.5 | HIGH | Not Vulnerable | 2025-05-15 03:40:46 | Not vulnerable. CVE-2023-39321 targets the Go standard library’s crypto/tls QUIC support (QUICConn... | |
| AlmaLinux 9.2 ESU | git-lfs | 3.2.0 | 7.5 | HIGH | Released | CLSA-2025:1762539123 | 2025-11-07 23:05:44 | Not vulnerable. CVE-2023-39321 targets the Go standard library’s crypto/tls QUIC support (QUICConn... |
| AlmaLinux 9.2 ESU | podman | 4.4.1 | 7.5 | HIGH | Not Vulnerable | 2025-07-22 00:50:42 | Not vulnerable. CVE-2023-39321 targets the Go standard library’s crypto/tls QUIC support (QUICConn... | |
| AlmaLinux 9.2 ESU | skopeo | 1.11.2 | 7.5 | HIGH | Not Vulnerable | 2025-12-05 21:55:04 | Not vulnerable. CVE-2023-39321 targets the Go standard library’s crypto/tls QUIC support (QUICConn... | |
| AlmaLinux 9.2 ESU | containernetworking-plugins | 1.2.0 | 7.5 | HIGH | Released | CLSA-2025:1762538558 | 2025-11-07 23:06:24 | Not vulnerable. CVE-2023-39321 targets the Go standard library’s crypto/tls QUIC support (QUICConn... |
| AlmaLinux 9.2 ESU | runc | 1.1.4 | 7.5 | HIGH | Released | CLSA-2025:1763489872 | 2025-11-18 23:19:32 | Not vulnerable. CVE-2023-39321 targets the Go standard library’s crypto/tls QUIC support (QUICConn... |