Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A hash collision vulnerability (in the hash table used to manage connections) in LSQUIC (aka LiteSpeed QUIC) before 4.2.0 allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). This is caused by XXH32 usage.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
算法复杂性
Vulnerability Title
Litespeed Technologie LiteSpeed QUIC(LSQUIC) 安全漏洞
Vulnerability Description
Litespeed Technologie LiteSpeed QUIC(LSQUIC)是美国Litespeed Technologie公司的一种用于服务器和客户端的 QUIC 和 HTTP/3 功能的开源实现。 Litespeed Technologie LiteSpeed QUIC(LSQUIC) 4.2.0版本之前存在安全漏洞,该漏洞源于存在哈希冲突漏洞。
CVSS Information
N/A
Vulnerability Type
N/A