Description
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.
Remediation
References
Related Vulnerabilities
WordPress Plugin Galleries by Angie Makes Cross-Site Scripting (1.67)
MySQL CVE-2025-50083 Vulnerability (CVE-2025-50083)
WordPress Plugin wordpress vertical image slider Multiple Vulnerabilities (1.0)
WordPress Plugin Product Addons & Fields for WooCommerce Cross-Site Scripting (32.0.6)
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)