CRITICAL🇵🇱 Wersja polska

CVE-2022-30592

CVSS 9.8v3.1pub. 2022-05-11upd. 2024-11-21

liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Litespeedtech Lsquic

    APP
    Litespeedtech
    < 3.1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-25678CRITICAL9.8PL ✓ten sam produkt

Błędna walidacja DCID w bibliotece LiteSpeed QUIC (LSQUIC)

CVE-2025-54939MEDIUM5.3ten sam produkt

LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.

CVE-2026-48172CRITICAL10.0⚠ KEVPL ✓ten sam vendor

LiteSpeed cPanel Plugin — privilege escalation (możliwe root) via Redis

CVE-2024-44000CRITICAL9.8PL ✓ten sam vendor

LiteSpeed Cache – nieuwierzytelnione przejęcie konta przez ujawnione dane logowania

CVE-2024-28000CRITICAL9.8PL ✓ten sam vendor

Privilege escalation bez uwierzytelnienia w LiteSpeed Cache dla WordPress