CVE-2022-4066

high

Description

A vulnerability was found in davidmoreno onion. It has been rated as problematic. Affected by this issue is the function onion_response_flush of the file src/onion/response.c of the component Log Handler. The manipulation leads to allocation of resources. The name of the patch is de8ea938342b36c28024fd8393ebc27b8442a161. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-214028.

References

Advisories
More

https://vuldb.com/?id.214028

https://github.com/davidmoreno/onion/commit/de8ea938342b36c28024fd8393ebc27b8442a161

https://github.com/davidmoreno/onion/pull/308

Details

Source: Mitre, NVD

Published: 2022-11-19

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:C

Severity: High

CVSS v3

Base Score: 8.2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

Severity: High

EPSS

EPSS: 0.00056