摘要:
Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.
安全等级: Low
公告ID: KylinSec-SA-2024-1092
发布日期: 2024年2月26日
关联CVE: CVE-2022-30780
Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2022-30780 | KY3.4-4A | lighttpd | Unaffected |
| CVE-2022-30780 | KY3.4-5A | lighttpd | Unaffected |
| CVE-2022-30780 | KY3.5.1 | lighttpd | Unaffected |
| CVE-2022-30780 | KY3.5.2 | lighttpd | Unaffected |
