CVE-2024-22590

CRITICAL Year: 2024
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-372
View all →

Vulnerability Description

The TLS engine in Kwik commit 745fd4e2 does not track the current state of the connection. This vulnerability can allow Client Hello messages to be overwritten at any time, including after a connection has been established.

Related Vulnerabilities

CVE-2020-27222

HIGH
CVSS:7.5(High)

In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong intern...

CWE-3722020

CVE-2023-4012

HIGH
CVSS:7.5(High)

ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).

CWE-3722023

CVE-2020-27222

HIGH
CVSS:7.5(High)

In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong intern...

CWE-3722020

CVE-2023-4012

HIGH
CVSS:7.5(High)

ntpd will crash if the server is not NTS-enabled (no certificate) and it receives an NTS-enabled client request (mode 3).

CWE-3722023

CVE-2021-25735

MEDIUM
CVSS:6.5(Medium)

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admi...

CWE-3722021

CVE-2023-36834

MEDIUM
CVSS:6.5(Medium)

An Incomplete Internal State Distinction vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial ...

CWE-3722023