ehttp 1.0.6 before 17405b9 has an epoll_socket.cpp read_func use-after-free. An attacker can make many connections over a short time to trigger this.
7.5CVSS
7.4AI Score
0.0005EPSS
ehttp 1.0.6 before 17405b9 has a simple_log.cpp _log out-of-bounds-read during error logging for long strings.
7.5CVSS
7.5AI Score
0.0005EPSS