daurnimator/lua-http

Releases4

Frequency1 year 4 months

Last Release over 5 years ago

Stars864

HTTP Library for Lua. Supports HTTP(S) 1.0, 1.1 and 2.0; client and server.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-4540 ↗	Sep 5, 2023Tuesday, 5 September 2023, 08:15	7.5 HIGH	—
Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service (DoS) attack to be executed by sending a properly crafted request to the server. Such a request causes the program to enter an infinite loop. This issue affects lua-http: all versions before commit ddab283.