PT-2025-7544 · Kwik · Kwik

Ncc-Pbottine · Published 2025-02-20 · Updated 2025-02-20 · CVE-2025-23020

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Kwik versions prior to 0.10.1

Description

A hash collision vulnerability in the hash table used to manage connections allows remote attackers to cause considerable CPU load on the server by initiating connections with colliding Source Connection IDs (SCIDs). This results in a Hash DoS attack.

Recommendations

Update to version 0.10.1 or later to resolve the issue. As a temporary workaround until the patch is applied, limit the impact of excessive connection requests on the server, for example with rate limiting or IP blocking.
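
The cost behind a Hash DoS, shown as an added example that is not Kwik's code or its fix: a chained table is filled once using a predictable hash and once using a hash keyed with a per-process secret, and the key comparisons are counted. The byte-sum hash, the table size, the sample IDs and the choice of keyed BLAKE2b are all assumptions made for illustration.

```python
import hashlib
import secrets

BUCKETS = 64  # constructed table size for the demonstration


def unkeyed_hash(cid: bytes) -> int:
    """Constructed stand-in for a predictable, unkeyed hash (byte sum)."""
    return sum(cid) % BUCKETS


class KeyedHash:
    """BLAKE2b keyed with a per-process secret that clients never see."""

    def __init__(self) -> None:
        self._key = secrets.token_bytes(16)

    def __call__(self, cid: bytes) -> int:
        digest = hashlib.blake2b(cid, key=self._key, digest_size=8).digest()
        return int.from_bytes(digest, "big") % BUCKETS


def insert_cost(hasher, cids) -> tuple[int, int]:
    """Insert IDs into a chained table; return (key comparisons, longest chain)."""
    buckets = [[] for _ in range(BUCKETS)]
    comparisons = 0
    for cid in cids:
        chain = buckets[hasher(cid)]
        for existing in chain:
            comparisons += 1  # every colliding entry costs one comparison
            if existing == cid:
                break
        else:
            chain.append(cid)
    return comparisons, max(len(c) for c in buckets)


# Constructed sample: 200 distinct 8-byte IDs whose bytes all sum to 255.
SAMPLE_IDS = [bytes([i, 255 - i, 0, 0, 0, 0, 0, 0]) for i in range(200)]

if __name__ == "__main__":
    print("unkeyed:", insert_cost(unkeyed_hash, SAMPLE_IDS))
    print("keyed:  ", insert_cost(KeyedHash(), SAMPLE_IDS))
```

With the predictable hash every ID lands in one chain and the work grows quadratically with the number of entries; with the keyed hash the same IDs spread across buckets because the bucket index cannot be computed without the secret.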

Related Identifiers

CVE-2025-23020
GHSA-9F57-9RHG-4HVM

Affected Products

Kwik