CVE-2022-30780

Published: 11/06/2022 Updated: 08/08/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Lighttpd 1.4.56 up to and including 1.4.58 allows a remote malicious user to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.

Vulnerable Product

lighttpd lighttpd 1.4.57

lighttpd lighttpd 1.4.58

lighttpd lighttpd 1.4.56

Github Repositories

CVE-2022-30780 - lighttpd remote denial of service

Summary

An unauthenticated attacker can send an HTTP request with a URL overflowing the maximum URL length, resulting in a denial of service.

Vulnerable versions

The following versions of lighttpd are vulnerable:

Software Version Vulnerable