VDB

GCVE-110-MAGEIA-2022-161

GCVE-110-MAGEIA-2022-161
Advisory Published
Vulnetix · Advisory published May 6, 2022
In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system. (CVE-2022-22707)

Affected Products

VendorProductVersionsPlatforms
Mageialighttpd0 (affected), 1.4.59-1.1.mga8 (unaffected), 0 (affected), 1.4.59-1.1.mga8 (unaffected)
Mageiamixxx0 (affected), 2.3.3-1.mga8 (unaffected)

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›