Skip to main content

Use of Uninitialized Resource

CVE-2022-38668

Severity High
Score 7.5/10

Summary

HTTP applications (servers) based on Crow may reveal potentially sensitive uninitialized data from stack memory when fulfilling a request for a static file smaller than 16 KB. This issue affects versions prior to 1.1.0.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • NONE

CWE-908 - Use of Uninitialized Resource

The software uses or accesses a resource that has not been initialized.

Advisory Timeline

  • Published