CVE-2022-30780

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
5
MEDIUM
Affected
2
PROJECTS

Description

Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.

lighttpd/lighttpd1.4
lighttpd/lighttpd1.4
lighttpd1.4 on github for easier collaboration - main repo still on lighttpd.net
GitHubGitHub
697
p0dalirius/CVE-2022-30780-lighttpd-denial-of-service
p0dalirius/CVE-2022-30780-lighttpd-denial-of-service
CVE-2022-30780 - lighttpd remote denial of service
GitHubGitHub
17