Maven package
tech.kwik/kwik
pkg:maven/tech.kwik/kwik
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-23020 | Med | 5.3 | < 0.10.1 | 0.10.1 | Feb 20, 2025 | An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability (in the hash table used to manage connections) allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs ( | |
| CVE-2024-22588 | Med | 6.5 | < 0.8 | 0.8 | May 24, 2024 | Kwik commit 745fd4e2 does not discard unused encryption keys. |
- affected < 0.10.1fixed 0.10.1
An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability (in the hash table used to manage connections) allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (
- affected < 0.8fixed 0.8
Kwik commit 745fd4e2 does not discard unused encryption keys.