AVG-2361 log

Package ulfius
Status Fixed
Severity Medium
Type insufficient validation
Affected 2.7.3-2
Fixed 2.7.4-1
Current 2.7.4-1 [community]
Ticket None
Created Thu Sep 9 12:42:06 2021
Issue Severity Remote Type Description
CVE-2021-40540 Medium Yes Insufficient validation
ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info initialization and a con_info->request NULL check for certain malformed HTTP requests.