Chunked Encoding Mismanagement in OpenLiteSpeed
CVE-2024-31617

5.3MEDIUM

Key Information:

Vendor: LiteSpeed Technologies
Status: Openlitespeed
Vendor: CVE Published:; 22 May 2024

🔔 Create LiteSpeed Technologies Vulnerability Alert

What is CVE-2024-31617?

OpenLiteSpeed, a popular open-source web server, prior to version 1.8.1, exhibits a vulnerability related to the mishandling of chunked encoding. This issue could lead to unexpected behavior or further security risks, potentially allowing malicious interactions with the server. Users and administrators of OpenLiteSpeed are recommended to upgrade to version 1.8.1 or later to address this vulnerability and safeguard their systems effectively.

References

https://github.com/litespeedtech/openlitespeed/releases/t...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 22, 2024

JSON