CVE-2022-38668

CVE-2022-38668

EPSS 1.1%

HTTP applications (servers) based on Crow through 1.0+4 may reveal potentially sensitive uninitialized data from stack memory when fulfilling a request for a static file smaller than 16 KB.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/0xhebi/CVEs/blob/main/Crow/CVE-2022-38668.md https://github.com/CrowCpp/Crow/pull/523 https://gynvael.coldwind.pl/?id=752