CVE-2022-38667
Last modified
CVE-2022-38667 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code execution when HTTP pipelining is used. The HTTP parser supports HTTP pipelining, but the asynchronous Connection layer is unaware of HTTP pipelining. EPSS estimates a 2.13% chance of exploitation in the next 30 days.
Description
HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code execution when HTTP pipelining is used. The HTTP parser supports HTTP pipelining, but the asynchronous Connection layer is unaware of HTTP pipelining. Specifically, the Connection layer is unaware that it has begun processing a later request before it has finished processing an earlier request.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Crowcpp | Crow | <= 1.0\+4 |
References
- https://cwe.mitre.org/data/definitions/372.htmlTechnical Description, Third Party Advisory
- https://github.com/0xhebi/CVEs/blob/main/Crow/CVE-2022-38667.mdExploit, Third Party Advisory
- https://github.com/CrowCpp/Crow/pull/524Patch, Third Party Advisory
- https://gynvael.coldwind.pl/?id=753Exploit, Third Party Advisory
- https://cwe.mitre.org/data/definitions/372.htmlTechnical Description, Third Party Advisory
- https://github.com/0xhebi/CVEs/blob/main/Crow/CVE-2022-38667.mdExploit, Third Party Advisory
- https://github.com/CrowCpp/Crow/pull/524Patch, Third Party Advisory
- https://gynvael.coldwind.pl/?id=753Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-38667?
How severe is CVE-2022-38667?
How do I fix CVE-2022-38667?
Are you affected by CVE-2022-38667?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST