{"id":"DSA-5040-1","summary":"lighttpd - security update","modified":"2026-03-09T02:10:27.808546Z","published":"2022-01-11T00:00:00Z","upstream":["CVE-2022-22707","DEBIAN-CVE-2022-22707"],"affected":[{"package":{"name":"lighttpd","ecosystem":"Debian:10","purl":"pkg:deb/debian/lighttpd?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.53-4+deb10u2"}]}],"versions":["1.4.53-4","1.4.53-4+deb10u1","1.4.53-4+deb10u1~bpo9+1"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-5040-1.json"}},{"package":{"name":"lighttpd","ecosystem":"Debian:11","purl":"pkg:deb/debian/lighttpd?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.4.59-1+deb11u1"}]}],"versions":["1.4.59-1"],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-5040-1.json"}}],"schema_version":"1.7.3"}