ID CVE-2024-22088
Summary Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled.
References
Vulnerable Configurations
  • cpe:2.3:a:chendotjs:lotos_webserver:0.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:chendotjs:lotos_webserver:0.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:chendotjs:lotos_webserver:0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:chendotjs:lotos_webserver:0.1.1:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 04-09-2024 - 21:35
Published 05-01-2024 - 04:15
Last modified 04-09-2024 - 21:35
Back to Top