Lucene search
MitreCVELIST:CVE-2022-37797HistorySep 12, 2022 - 12:00 a.m.
CVE-2022-37797
2022-09-1200:00:00
mitre
www.cve.org
7
lighttpd mod_wstunnel denial of service
EPSS
0.002
Percentile
57.7%
In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.
Related
debian
debian
[SECURITY] [DLA 3133-1] lighttpd security update
2022-10-03 07:47:47
[SECURITY] [DSA 5243-1] lighttpd security update
2022-09-28 16:05:19
nessus
nessus
Amazon Linux AMI : lighttpd (ALAS-2023-1705)
2023-03-22 00:00:00
openSUSE 15 Security Update : lighttpd (openSUSE-SU-2022:10132-1)
2022-09-30 00:00:00
Debian DLA-3133-1 : lighttpd - LTS security update
2022-10-05 00:00:00
openvas
openvas
Lighttpd < 1.4.66 DoS Vulnerability
2022-09-13 00:00:00
openSUSE: Security Advisory for lighttpd (openSUSE-SU-2022:10132-1)
2024-03-04 00:00:00
Debian: Security Advisory (DLA-3133-1)
2022-10-05 00:00:00
prion
prion
Null pointer dereference
2022-09-12 15:15:00
ubuntucve
ubuntucve
CVE-2022-37797
2022-09-12 00:00:00
debiancve
debiancve
CVE-2022-37797
2022-09-12 15:15:08
suse
suse
Security update for lighttpd (moderate)
2022-09-29 00:00:00
cve
cve
CVE-2022-37797
2022-09-12 15:15:08
osv
osv
lighttpd-1.4.66-1.1 on GA media
2024-06-15 00:00:00
lighttpd - security update
2022-10-03 00:00:00
CVE-2022-37797
2022-09-12 15:15:08
veracode
veracode
Denial Of Service (DoS)
2022-09-17 17:55:59
redos
redos
ROS-20221004-02
2022-10-04 00:00:00
amazon
amazon
Important: lighttpd
2023-03-17 15:53:00
nvd
nvd
CVE-2022-37797
2022-09-12 15:15:08
mageia
mageia
Updated lighttpd packages fix security vulnerability
2022-10-13 23:05:19
gentoo
gentoo
Lighttpd: Denial of Service
2022-10-31 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00