Back

CVE-2024-22590

May 28, 2024, 5:11 p.m.

Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

Kwik

  • commit 745fd4e2

Source

cve@mitre.org

Tags

cve@mitre.org
2024-05-28
CVE-2024-22590

CVE-2024-22590 details

Published : May 28, 2024, 4:15 p.m.
Last Modified : May 28, 2024, 5:11 p.m.

Description

The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://gist.github.com/QUICTester/ea3eb2ac736bb63e47c654e14e3ec556 cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.