CVE-2022-45474Use After Free in Drachtio-server

CWE-416Use After Free2 documents2 sources
Severity
9.8CRITICALNVD
EPSS
0.3%
top 42.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Drachtio Drachtio-server
Timeline
PublishedNov 18

Description

drachtio-server 0.8.18 has a request-handler.cpp event_cb use-after-free for any request.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

1
GHSA
GHSA-mc63-4cpc-gjqj: drachtio-server 02022-11-18