CNNVD-202602-493 Information

CNNVD ID

CNNVD-202602-493

Related CVE

CVE-2026-1788

• CNNVD Published: 2026-02-03

Description (Chinese)

XQUIC是Alibaba开源的一个QUIC和HTTP/3协议的跨平台实现代码库。 XQUIC 1.8.3及之前版本存在安全漏洞，该漏洞源于Linux上的QUIC协议实现存在越界写入，可能导致缓冲区操作。

Description (English)

XQUIC is a cross-platform realization code repository for the QUIC and HTTP/3 protocols that are open sources in Alibaba. The security gap in XQUIC 1.8.3 and earlier versions stemmed from the cross-border inclusion of the QUIC agreement on Linux, which could lead to the operation of the buffer zone.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

阿里巴巴集团

Published

2026-02-03

Last Modified

2026-02-24

References

https://github.com/alibaba/xquic https://access.redhat.com/security/cve/cve-2026-1788

Patch

https://github.com/alibaba/xquic/releases