3 matches found
Multiple vulnerabilities in GNU Libmicrohttpd
Overview GNU Libmicrohttpd provided by GNU Project contains multiple vulnerabilities listed below. NULL pointer dereference CWE-476 - CVE-2025-59777 Heap-based buffer overflow CWE-122 - CVE-2025-62689 Tatsuhiko Yasumatsu of Mitsui Bussan Secure Directions, Inc. reported these vulnerabilities to...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via libmicrohttpdws.so when building with the --enable-experimental option. An attacker can cause the application to crash by sending malicious network traffic. Workaround Users are advised to avoid using the...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via libmicrohttpdws.so when building with the --enable-experimental option. An attacker can cause the application to crash by sending malicious network traffic. Workaround Users are advised to avoid using the...