Lucene search

CVE-2023-22465

🗓️ 04 Jan 2023 16:09:15Reported by GitHub_MType

CVE-2023-22465: Fatal error in Http4s header parser

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
OSV	CVE-2023-22465	4 Jan 202316:15	–	osv
OSV	Http4s improperly parses User-Agent and Server headers	6 Jan 202320:24	–	osv
NVD	CVE-2023-22465	4 Jan 202316:15	–	nvd
Github Security Blog	Http4s improperly parses User-Agent and Server headers	6 Jan 202320:24	–	github
Prion	Design/Logic Flaw	4 Jan 202316:15	–	prion
Vulnrichment	CVE-2023-22465 Http4s has fatal error parsing User-Agent and Server headers	4 Jan 202315:30	–	vulnrichment
Cvelist	CVE-2023-22465 Http4s has fatal error parsing User-Agent and Server headers	4 Jan 202315:30	–	cvelist

Nvd

Vulners

Node

typelevel http4sRange0.1.0–0.21.34

typelevel http4sRange0.22.0–0.22.15

typelevel http4sRange0.23.0–0.23.17

typelevel http4sMatch1.0.0milestone1

typelevel http4sMatch1.0.0milestone10

typelevel http4sMatch1.0.0milestone11

typelevel http4sMatch1.0.0milestone12

typelevel http4sMatch1.0.0milestone13

typelevel http4sMatch1.0.0milestone14

typelevel http4sMatch1.0.0milestone15

typelevel http4sMatch1.0.0milestone16

typelevel http4sMatch1.0.0milestone17

typelevel http4sMatch1.0.0milestone18

typelevel http4sMatch1.0.0milestone19

typelevel http4sMatch1.0.0milestone2

typelevel http4sMatch1.0.0milestone20

typelevel http4sMatch1.0.0milestone21

typelevel http4sMatch1.0.0milestone22

typelevel http4sMatch1.0.0milestone23

typelevel http4sMatch1.0.0milestone24

typelevel http4sMatch1.0.0milestone25

typelevel http4sMatch1.0.0milestone26

typelevel http4sMatch1.0.0milestone27

typelevel http4sMatch1.0.0milestone28

typelevel http4sMatch1.0.0milestone29

typelevel http4sMatch1.0.0milestone3

typelevel http4sMatch1.0.0milestone30

typelevel http4sMatch1.0.0milestone31

typelevel http4sMatch1.0.0milestone32

typelevel http4sMatch1.0.0milestone33

typelevel http4sMatch1.0.0milestone34

typelevel http4sMatch1.0.0milestone35

typelevel http4sMatch1.0.0milestone36

typelevel http4sMatch1.0.0milestone37

typelevel http4sMatch1.0.0milestone4

typelevel http4sMatch1.0.0milestone5

typelevel http4sMatch1.0.0milestone6

typelevel http4sMatch1.0.0milestone7

typelevel http4sMatch1.0.0milestone8

typelevel http4sMatch1.0.0milestone9

[
  {
    "vendor": "http4s",
    "product": "http4s",
    "versions": [
      {
        "version": ">= 0.1.0, < 0.21.34",
        "status": "affected"
      },
      {
        "version": ">= 0.22.0, < 0.22.15",
        "status": "affected"
      },
      {
        "version": ">= 0.23.0, < 0.23.17",
        "status": "affected"
      },
      {
        "version": ">= 1.0.0-M1, < 1.0.0-M38",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/http4s/http4s/security/advisories/GHSA-54w6-vxfh-fw7f

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Jan 2023 16:15Current

5.6Medium risk

Vulners AI Score5.6

CVSS35.3 - 7.5

EPSS0.00051

SSVC

CWE-20