Lucene search
K

379 matches found

CNNVD
CNNVD
added 2025/03/31 12:0 a.m.6 views

Netty QUIC codec 安全漏洞

Netty QUIC codec is a new experimental QUIC codec for Netty open source. A security vulnerability exists in versions prior to Netty QUIC codec 0.0.71.Final, which stems from a hash collision vulnerability that could lead to excessive server CPU load...

5.3CVSS6.3AI score0.00545EPSS
Exploits0References1
Veracode
Veracode
added 2025/02/25 5:39 a.m.7 views

Hash Collision Attack

tech.kwik, kwik is vulnerable to Hash collision attack. The vulnerability is due to a hash collision in the connection management hash table, allowing remote attackers to cause high CPU load via colliding Source Connection IDs SCIDs...

5.3CVSS6.7AI score0.00535EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/22 12:26 a.m.9 views

CVE-2025-23020

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS6.8AI score0.00535EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/22 12:26 a.m.6 views

CVE-2025-24947

A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...

5.3CVSS6.9AI score0.00622EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/22 12:26 a.m.7 views

CVE-2025-24946

The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS6.9AI score0.00506EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/02/20 3:32 a.m.11 views

Kwik hash collision vulnerability

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS5.2AI score0.00535EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/02/20 3:32 a.m.6 views

GHSA-9F57-9RHG-4HVM Kwik hash collision vulnerability

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS5.3AI score0.00535EPSS
Exploits0References5
NVD
NVD
added 2025/02/20 3:15 a.m.7 views

CVE-2025-24947

A hash collision vulnerability in the hash table used to manage connections in LSQUIC aka LiteSpeed QUIC before 4.2.0 allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs. This is caused by...

5.3CVSS0.00622EPSS
Exploits0References3
NVD
NVD
added 2025/02/20 3:15 a.m.7 views

CVE-2025-23020

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS0.00535EPSS
Exploits0References2
Snyk
Snyk
added 2025/02/20 2:44 a.m.5 views

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the hash table used to manage connections. An attacker can cause a considerable CPU load on the server by initiating connections with colliding Source Connection IDs SCIDs. Remediation Upgrade...

6.9CVSS6.9AI score0.00535EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/20 12:0 a.m.12 views

CVE-2025-24946

The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS0.00506EPSS
Exploits0References2
OSV
OSV
added 2025/02/20 12:0 a.m.6 views

CVE-2025-23020

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS5.3AI score0.00535EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/20 12:0 a.m.7 views

Kwik 安全漏洞

Kwik is a client and server that implements the QUIC protocol RFC 9000 by the individual developer Peter Doornbosch in the Netherlands. A security vulnerability exists in Kwik prior to version 0.10.1, which stems from the inclusion of a hash conflict vulnerability. A remote attacker could exploit...

5.3CVSS6.4AI score0.00535EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/20 12:0 a.m.4 views

CVE-2025-23020

An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS5.2AI score0.00535EPSS
Exploits0References2
CVE
CVE
added 2025/02/20 12:0 a.m.57 views

CVE-2025-23020

CVE-2025-23020 describes a hash collision vulnerability in Kwik before 0.10.1. The issue arises in the hash table used to manage connections, allowing remote attackers to induce a Hash DoS by sending connections with colliding Source Connection IDs, causing considerable CPU load. Affected softwar...

5.3CVSS5.3AI score0.00535EPSS
Exploits0References2
OSV
OSV
added 2025/02/20 12:0 a.m.6 views

CVE-2025-24946

The hash table used to manage connections in picoquic before b80fd3f uses a weak hash function, allowing remote attackers to cause a considerable CPU load on the server a Hash DoS attack by initiating connections with colliding Source Connection IDs SCIDs...

5.3CVSS6.9AI score0.00506EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/02/20 12:0 a.m.9 views

PT-2025-7549 · Lsquic · Lsquic

Name of the Vulnerable Software and Affected Versions: LSQUIC versions prior to 4.2.0 Description: A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause a considerable CPU load on the server by initiating connections with colliding Source...

5.3CVSS7.2AI score0.00622EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/02/20 12:0 a.m.4 views

picoquic 安全漏洞

picoquic is a minimal implementation of the QUIC protocol open-sourced by Private Octopus. A security vulnerability exists in picoquic that stems from the use of a weak hash function in the hash table used to manage connections. A remote attacker exploiting this vulnerability could cause...

5.3CVSS6.6AI score0.00506EPSS
Exploits0References2
CVE
CVE
added 2025/02/20 12:0 a.m.53 views

CVE-2025-24947

CVE-2025-24947 (LSQUIC) : LSQUIC (LiteSpeed QUIC) versions prior to 4.2.0 are affected by a hash collision vulnerability in the hash table used to manage connections. Remote attackers can trigger a Hash DoS by initiating connections with colliding Source Connection IDs (SCIDs) due to XXH32 usage,...

5.3CVSS5.3AI score0.00622EPSS
Exploits0References3
CVE
CVE
added 2025/02/20 12:0 a.m.53 views

CVE-2025-24946

The vulnerability (CVE-2025-24946) affects picoquic’s connection hash table, which uses a weak hash function. An attacker could cause high CPU load by opening connections with colliding Source Connection IDs (SCIDs), enabling a Hash DoS condition. The field notes indicate the issue exists in vers...

5.3CVSS5.3AI score0.00506EPSS
Exploits0References2
Rows per page
Query Builder