Race Condition in NGINX Allows Improper HTTP Request Routing
CVE-2022-2583 Published on December 27, 2022

Race condition in github.com/ntbosscher/gobase
A race condition can cause incorrect HTTP request routing.

NVD

Vulnerability Analysis

CVE-2022-2583 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

LOW

Availability Impact:

NONE

Products Associated with CVE-2022-2583

stack.watch emails you whenever new vulnerabilities are published in Gobaseproject Gobase or nginx. Just hit a watch button to start following.

Gobaseproject Gobase

nginx

Affected Versions

github.com/ntbosscher/gobase/auth/httpauth:

Before 0.7.2 is affected.

Exploit Probability

EPSS

0.18%

Percentile

39.24%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Race Condition in NGINX Allows Improper HTTP Request RoutingCVE-2022-2583 Published on December 27, 2022

Vulnerability Analysis

Products Associated with CVE-2022-2583

Affected Versions

Exploit Probability

Race Condition in NGINX Allows Improper HTTP Request Routing
CVE-2022-2583 Published on December 27, 2022