CVE-2022-30592

CRITICAL

Litespeedtech Lsquic < 3.1.0 - NULL Pointer Dereference

Title source: rule

liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY.

nomisec WORKING POC 79 stars

by efchatz · poc

CVSS v3 9.8

EPSS 0.0839

EPSS Percentile 92.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-476

Status published

Products (1)

litespeedtech/lsquic < 3.1.0

Published May 11, 2022

Tracked Since Feb 18, 2026