← back
CVE-2022-30780

CVE-2022-30780

EPSS 56.4%
Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/lighttpd/lighttpd1.4https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-servicehttps://podalirius.net/en/cves/2022-30780/https://redmine.lighttpd.net/issues/3059