CVE-2022-28994

CRITICAL

Small HTTP Server <3.06 - Buffer Overflow

Title source: llm

Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request.

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

CVSS v3 9.8

EPSS 0.0095

EPSS Percentile 76.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-120

Status published

Products (1)

smallsrv/small_http_server 3.06

Published Apr 29, 2022

Tracked Since Feb 18, 2026