Information Exposure Affecting openwrt package, versions [,21.02.3) [22.0.0,22.03.0-rc6)


0.0
medium

Snyk CVSS

    Attack Complexity Low
Expand this section
NVD
7.5 high

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-UNMANAGED-OPENWRT-3027427
  • published 20 Sep 2022
  • disclosed 20 Sep 2022
  • credit Unknown

How to fix?

Upgrade openwrt to version 21.02.3, 22.03.0-rc6 or higher.

Overview

Affected versions of this package are vulnerable to Information Exposure due to it contains two skip loops in the function header_value().