Description
lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.
Remediation
References
Related Vulnerabilities
Python Uncontrolled Recursion Vulnerability (CVE-2023-36632)
WebLogic CVE-2020-14687 Vulnerability (CVE-2020-14687)
e107 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-1989)
OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2014-0224)
WordPress Plugin Multi Rating Multiple Unspecified Vulnerabilities (3.2.1)