A vulnerability was found in davidmoreno onion. It has been rated as problematic. Affected by this issue is the function onion_response_flush of the file src/onion/response.c of the component Log Handler. The manipulation leads to allocation of resources. The name of the patch is de8ea938342b36c28024fd8393ebc27b8442a161. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-214028.
References
Link | Resource |
---|---|
https://github.com/davidmoreno/onion/commit/de8ea938342b36c28024fd8393ebc27b8442a161 | Patch Third Party Advisory |
https://github.com/davidmoreno/onion/pull/308 | Exploit Patch Third Party Advisory |
https://vuldb.com/?id.214028 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:56
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-770 |
28 Nov 2022, 13:41
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.2 |
First Time |
Onion Project
Onion Project onion Mozilla firefox Mozilla |
|
References | (N/A) https://github.com/davidmoreno/onion/commit/de8ea938342b36c28024fd8393ebc27b8442a161 - Patch, Third Party Advisory | |
References | (N/A) https://vuldb.com/?id.214028 - Third Party Advisory | |
References | (N/A) https://github.com/davidmoreno/onion/pull/308 - Exploit, Patch, Third Party Advisory | |
CPE | cpe:2.3:a:onion_project:onion:*:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:* |
20 Nov 2022, 02:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-19 19:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-4066
Mitre link : CVE-2022-4066
CVE.ORG link : CVE-2022-4066
JSON object : View
Products Affected
mozilla
- firefox
onion_project
- onion
CWE
CWE-404
Improper Resource Shutdown or Release