CVE-2022-38667

{"id": "CVE-2022-38667", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-08-22T20:15:08.520", "references": [{"url": "https://cwe.mitre.org/data/definitions/372.html", "tags": ["Technical Description", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/0xhebi/CVEs/blob/main/Crow/CVE-2022-38667.md", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/CrowCpp/Crow/pull/524", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://gynvael.coldwind.pl/?id=753", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code execution when HTTP pipelining is used. The HTTP parser supports HTTP pipelining, but the asynchronous Connection layer is unaware of HTTP pipelining. Specifically, the Connection layer is unaware that it has begun processing a later request before it has finished processing an earlier request."}, {"lang": "es", "value": "Las aplicaciones HTTP (servidores) basadas en Crow hasta 1.0+4 pueden permitir un Use-After-Free y la ejecuci\u00f3n de c\u00f3digo cuando se utiliza HTTP pipelining. El parser HTTP soporta HTTP pipelining, pero la capa de conexi\u00f3n as\u00edncrona no es consciente de HTTP pipelining. Espec\u00edficamente, la capa de conexi\u00f3n no es consciente de que ha comenzado a procesar una solicitud posterior antes de que haya terminado de procesar una solicitud anterior"}], "lastModified": "2022-10-28T19:04:27.337", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:crowcpp:crow:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73462FC6-105D-430B-B879-0144267AA549", "versionEndIncluding": "1.0\\+4"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}