CVE-2023-4540

Summary

Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service (DoS) attack to be executed by sending a properly crafted request to the server. Such a request causes the program to enter an infinite loop.

This issue affects lua-http: all versions before commit ddab283.

Affected Software

VendorProductVersion RangeStatus
Daurnimatorlua-http0 < commit ddab283affected

Weaknesses

  • CWE-755: CWE-755 Improper Handling of Exceptional Conditions

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References