2 matches found
CVE-2023-50965
CVE-2023-50965 affects MicroHttpServer up to version 4398570, where _ReadStaticFiles in lib/middleware.c performs unsafe HTTP request parsing and can overflow a fixed-size stack buffer when given a long URI, enabling remote code execution. The connected exploit documentation provides PoC details ...
CVE-2023-51771
CVE-2023-51771 : In MicroHttpServer (through a8ab029), the function _ParseHeader in lib/server.c allows a one-byte recv buffer overflow via a long URI. Reports across sources confirm the issue in the affected build; CVSS v3.1 base score 9.8 (CRITICAL) with network access, no user interaction requ...