QUICTester
QUICTester
/ gist:ea3eb2ac736bb63e47c654e14e3ec556
Last active
May 26, 2024 03:28
No state machine in Kwik TLS engine.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This vulnerability was found in Kwik (https://github.com/ptrd/kwik) which is using Agent15 (https://github.com/ptrd/agent15) | |
| as the TLS engine. | |
| For Kwik (QUIC implementation): | |
| Found in 745fd4e2d8d104b9cf1e8342d150ff8967c65892 | |
| Fixed in 11862d54d72de63abd0b76ca6bb9df56e634212c | |
| For Agent15 (TLS implementation): | |
| Found in bcaf02e6f75cc14b1aff7cbaa8ea28188f1398b0 | |
| Fixed in d6b46538cbfd60a66ef58848212ec2204d00e535 |
QUICTester
/ gist:29a1851c2b2a406411f688735526fe2e
Last active
May 26, 2024 02:58
Retention of unused encryption keys in Kwik server.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| This Vulnerability was found in Kwik (https://github.com/ptrd/kwik). | |
| Found in commit 745fd4e2d8d104b9cf1e8342d150ff8967c65892 | |
| Fixed in commit 040b0d1327bfb0a8e35c23c2bd612a4a39b721d4 | |
| Affected Component: Client-Server QUIC connections. | |
| Attack Type: Remote | |
| Impact Denial of Service: True | |
| Vulnerability details: |