16 matches found
EUVD-2024-21687
Malicious code in bioql PyPI...
CVE-2024-24263
Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c...
CVE-2024-22088
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled...
CVE-2024-24263
Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c...
Double free
Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c...
PT-2024-20331 · Unknown · Lotos Webserver
Name of the Vulnerable Software and Affected Versions: Lotos WebServer version 0.1.1. Description: A Use-After-Free (UAF) issue was discovered in the response append status line function at /lotos/src/response.c. This issue can be exploited, but details about the estimated number of potentially...
CVE-2024-24263
Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c...
Lotos WebServer Security Vulnerability
Lotos WebServer is a small but high-performance HTTP WebServer that follows the Reactor model and uses non-blocking IO and IO multiplexing (epoll ET) to handle concurrency. A security vulnerability exists in Lotos WebServer version v0.1.1, which was discovered to contain a memory reuse-after-freedo...
CVE-2024-24263
Lotos WebServer v0.1.1 contains a Use-After-Free (UAF) vulnerability in the function response_append_status_line (file /lotos/src/response.c). Root cause: memory reuse after freeing, enabling potential server instability or crashes. Impact: high availability (per CVSS vector AV:N/AC:L/PR:N/UI:N/S...
CVE-2024-22088
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled...
CVE-2024-22088
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled...
Lotos WebServer Security Vulnerability
Lotos WebServer is a small but high-performance HTTP WebServer that follows the Reactor model and uses non-blocking IO and IO multiplexing (epoll ET) to handle concurrency. A security vulnerability exists in Lotos WebServer version 0.1.1 and earlier, which stems from improper realloc handling, the...
CVE-2024-22088
CVE-2024-22088 affects Lotos WebServer up to version 0.1.1. The issue is a use-after-free in buffer_avail() in buffer.h triggered by handling a long URI, caused by mishandling of realloc. Documentation across multiple sources (NVD/Red Hat OSV/CNNVD/CVE records) confirms the same description, with...
CVE-2024-22088
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled...
PT-2024-19199 · Unknown · Lotos Webserver
Name of the Vulnerable Software and Affected Versions: Lotos WebServer versions through 0.1.1. Description: The issue is related to a use-after-free in the buffer avail function at buffer.h, which occurs when handling a long URI. This is due to the mishandling of realloc. Recommendations: For...
CVE-2024-22088
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled...