CVE-2023-51771

CVE-2023-51771 : In MicroHttpServer (through a8ab029), the function _ParseHeader in lib/server.c allows a one-byte recv buffer overflow via a long URI. Reports across sources confirm the issue in the affected build; CVSS v3.1 base score 9.8 (CRITICAL) with network access, no user interaction requ...

PT-2023-31889 · Unknown · Microhttpserver

Name of the Vulnerable Software and Affected Versions: MicroHttpServer versions through a8ab029 Description: The issue allows a one-byte recv buffer overflow via a long URI in the ParseHeader function located in lib/server.c. Recommendations: For versions through a8ab029, consider restricting...

Micro HTTP Server Security Vulnerability

Micro HTTP Server is a very simple HTTP server for prototyping by the individual developer Jian-Hong Pan in China. A security vulnerability exists in Micro HTTP Server that stems from allowing stack-based buffer overflows and potential remote code execution...

CVE-2023-50965

CVE-2023-50965 affects MicroHttpServer up to version 4398570, where _ReadStaticFiles in lib/middleware.c performs unsafe HTTP request parsing and can overflow a fixed-size stack buffer when given a long URI, enabling remote code execution. The connected exploit documentation provides PoC details ...