Description

The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established.

INFO

Published Date :

2024-05-28T16:07:49.749Z

Last Modified :

2025-02-13T15:47:02.992Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-22590 vulnerability.

Vendors Products
Ptrd
  • Kwik
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-22590.

URL Resource
https://gist.github.com/QUICTester/ea3eb2ac736bb63e47c654e14e3ec556 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact