PT-2025-31606 · Litespeed · Litespeed Quic

Published

2025-08-01

·

Updated

2025-08-01

·

CVE-2025-54939

Report an issue
CVSS v3.1
5.3
VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions:

LiteSpeed QUIC (LSQUIC) Library versions prior to 4.3.1

Description:

The LiteSpeed QUIC (LSQUIC) Library contains a memory leak in the `lsquic engine packet in` function.

Recommendations:

Update to LiteSpeed QUIC (LSQUIC) Library version 4.3.1 or later.

Fix

Allocation of Resources Without Limits

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2025-54939

Affected Products

Litespeed Quic