Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Nanohttpd Security Vulnerabilities

cve
cve

CVE-2022-21230

This affects all versions of package org.nanohttpd:nanohttpd. Whenever an HTTP Session is parsing the body of an HTTP request, the body of the request is written to a RandomAccessFile when the it is larger than 1024 bytes. This file is created with insecure permissions that allow its contents to...

5.5CVSS

5.4AI Score

0.0005EPSS

2022-05-01 04:15 PM
56
4
cve
cve

CVE-2020-13697

An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2.3.1. The GeneralHandler class implements a basic GET handler that prints debug information as an HTML page. Any web server that extends this class without implementing its own GET handler is vulnerable to reflected XSS, because....

6.1CVSS

6AI Score

0.001EPSS

2021-02-23 08:15 AM
45