Products
Kwik
- commit 745fd4e2
Source
cve@mitre.org
Tags
CVE-2024-22590 details
Published : May 28, 2024, 4:15 p.m.
Last Modified : May 28, 2024, 5:11 p.m.
Last Modified : May 28, 2024, 5:11 p.m.
Description
The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://gist.github.com/QUICTester/ea3eb2ac736bb63e47c654e14e3ec556 | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.