[SECURITY] Fedora 42 Update: rust-prometheus_exporter-0.8.5-5.fc42

Helper libary to export prometheus metrics using tiny-http...

[SECURITY] Fedora 43 Update: rust-prometheus_exporter-0.8.5-5.fc43

Helper libary to export prometheus metrics using tiny-http...

reasy (>=1.0.0 <=1.5.1), reasy-pure (>=0.0.5 <=1.0.4) +1 more potentially affected by CVE-2017-16097 via tiny-http (>=1.2.2 <=2.0.8)

tiny-http NPM version =1.2.2, =1.0.0, =0.0.5, =1.1.0, =2.1.4 Source cves: CVE-2017-16097 Source advisory: OSV:GHSA-CCH6-5X4H-6QC5...

GHSA-CCH6-5X4H-6QC5 Directory Traversal in tiny-http

Affected versions of tiny-http resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

Directory Traversal in tiny-http

Affected versions of tiny-http resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system. Example...

tiny-http directory traversal vulnerability

tiny-http is an http server. A directory traversal vulnerability exists in tiny-http. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

Directory Traversal

tiny-http is vulnerable to directory traversal attacks. This is possible by requesting a url such as /..%2f..%2fetc/passwd to get sensitive information...

CVE-2017-16097

tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16097

tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16097

CVE-2017-16097 concerns the tiny-http library, a simple HTTP server. The accompanying advisories describe a directory traversal vulnerability where crafted URLs containing relative paths (e.g., ../) allow access to files outside the intended root. Affected versions resolve relative file paths imp...

Directory Traversal

Overview Affected versions of tiny-http resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Tiny HTTP Server <= 1.1.9 Path Traversal Vulnerability - Active Check

Tiny HTTP server is prone to a path traversal vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tiny HTTP Server Remote Denial of Service Vulnerability

Tiny HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tiny HTTP Server 1.1.9 - Remote Crash (PoC)

Tiny HTTP Server 1.1.9 - Remote Crash PoC !/usr/bin/python Tiny HTTP Server \n" %sys.argv0 sys.exit payload = "X" 658 try: print "\n! Connecting to %s ..." %sys.argv1 httpServ = httplib.HTTPConnectionsys.argv1 , intsys.argv2 httpServ.connect print "! Sending payload..." httpServ.request'GET', "/"...

Tiny HTTP Server <=v1.1.9 Remote Crash PoC

Exploit for windows platform in category dos / poc !/usr/bin/python Tiny HTTP Server \n" %sys.argv0 sys.exit payload = "X" 658 try: print "\n! Connecting to %s ..." %sys.argv1 httpServ = httplib.HTTPConnectionsys.argv1 , intsys.argv2 httpServ.connect print "! Sending payload..."...