Lucene search
GoogleOSV:CVE-2022-31019HistoryJun 09, 2022 - 1:15 p.m.
CVE-2022-31019
2022-06-0913:15:08
Google
osv.dev
2
vapor
swift
http
framework
vulnerability
unbounded stack growth
stack overflow
process crash
fix
version 4.61.1
Vapor is a server-side Swift HTTP web framework. When using automatic content decoding an attacker can craft a request body that can make the server crash with the following request: curl -d "array[_0][0][array][_0][0][array]$(for f in $(seq 1100); do echo -n '[_0][0][array]'; done)[string][_0]=hello%20world" http://localhost:8080/foo. The issue is unbounded, attacker controlled stack growth which will at some point lead to a stack overflow and a process crash. This issue has been fixed in version 4.61.1.
Related
veracode
veracode
Denial Of Service (DoS)
2022-06-10 06:10:44
cvelist
cvelist
CVE-2022-31019 DoS Vulnerability in URLEncodedFormDecoder in Vapor
2022-06-06 21:05:20
github
github
Vapor vulnerable to denial of service in URLEncodedFormDecoder
2023-06-07 16:11:16
prion
prion
Stack overflow
2022-06-09 13:15:00
osv
osv
Vapor vulnerable to denial of service in URLEncodedFormDecoder
2023-06-07 16:11:16
cnvd
cnvd
Vapor Denial of Service Vulnerability
2022-06-13 00:00:00
gitlab
gitlab
Vapor vulnerable to denial of service in URLEncodedFormDecoder
2023-06-07 00:00:00
nvd
nvd
CVE-2022-31019
2022-06-09 13:15:08
cve
cve
CVE-2022-31019
2022-06-09 13:15:08