CVE-2022-28229

HIGH WAF: Medium

CVSS 7.5 Published: 2022-12-23

CWE-400

The hash functionality in userver before 42059b6319661583b3080cab9b595d4f8ac48128 allows attackers to cause a denial of service via crafted HTTP request, involving collisions.

WAF Coverage Analysis

Uncontrolled Resource Consumption Medium WAF Coverage

OWASP: A05:2021 Security Misconfiguration

912xxx - DOS Protection

Affected Software

Vendor	Product	Version
userver	userver	up to 2022-11-18

References

userver.tech (Vendor Advisory)

Back to CVE Database