Vulnerabilities > CVE-2023-4540 - Improper Handling of Exceptional Conditions vulnerability in Daurnimator Lua-Http 0.4

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
daurnimator
CWE-755

Summary

Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service (DoS) attack to be executed by sending a properly crafted request to the server. Such a request causes the program to enter an infinite loop. This issue affects lua-http: all versions before commit ddab283.

Vulnerable Configurations

Part Description Count
Application
Daurnimator
1