High severity8.2NVD Advisory· Published Oct 27, 2022· Updated Jun 17, 2026
CVE-2022-2809
CVE-2022-2809
Description
A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected problem in how multipart_parser handles unclosed http headers. If long enough http header is passed in the multipart form without colon there is one byte overwrite on heap. It can be conducted multiple times in a loop to cause DoS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 2.10
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.