← back
CVE-2021-40540

CVE-2021-40540

EPSS 2.5%
ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/164152/Ulfius-Web-Framework-Remote-Memory-Corruption.htmlhttps://github.com/babelouest/ulfius/commit/c83f564c184a27145e07c274b305cabe943bbfaahttps://github.com/babelouest/ulfius/compare/v2.7.3...v2.7.4