A vulnerability was found in litespeedtech LiteSpeed QUIC up to 4.3.0. It has been declared as problematic. This vulnerability affects the function
lsquic_engine_packet_in
. The manipulation leads to allocation of resources.
This vulnerability was named CVE-2025-54939. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.