CVE-2022-38668

CVE-2022-38668

EPSS 1.1%

HTTP applications (servers) based on Crow through 1.0+4 may reveal potentially sensitive uninitialized data from stack memory when fulfilling a request for a static file smaller than 16 KB.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/0xhebi/CVEs/blob/main/Crow/CVE-2022-38668.md https://github.com/CrowCpp/Crow/pull/523 https://gynvael.coldwind.pl/?id=752