VYPR
Unrated severityNVD Advisory· Published Nov 24, 2012· Updated Jun 16, 2026

CVE-2012-5533

CVE-2012-5533

Description

The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.