Analyzed
3 months
ago.
based on code collected
4 months
ago.
Major Versions
click and drag to zoom
Security Vulnerabilities for Version:
Severities:
Type
|
Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2020-12845 | BDSA-2020-1927 | High | Jul 27, 2020 | Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a NULL pointer dereferences. A remote unauthenticated attacker can crash the serve more... |
1.2.104, v1.0.21, 1.2.103, 1.2.101, 1.2.102, 1.2.99, 1.2.98, 1.2.2, 1.2.1, 1.2.0
|
| CVE-2019-20800 | BDSA-2019-4695 | Critical | May 18, 2020 | In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many more... |
1.2.104, v1.0.21, 1.2.103, 1.2.101, 1.2.102, 1.2.99, 1.2.98, 1.2.2, 1.2.1, 1.2.0
|
| CVE-2019-20799 | BDSA-2019-4696 | High | May 18, 2020 | In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server. |
1.2.104, v1.0.21, 1.2.103, 1.2.101, 1.2.102, 1.2.99, 1.2.98, 1.2.2, 1.2.1, 1.2.0
|
| CVE-2019-20798 | BDSA-2019-4694 | High | May 18, 2020 | An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the de more... |
1.2.104, v1.0.21, 1.2.103, 1.2.101, 1.2.102, 1.2.99, 1.2.98, 1.2.2, 1.2.1, 1.2.0
|
| BDSA-2018-5164 | Medium | Aug 03, 2020 | Cherokee Webserver contains a buffer overflow vulnerability due to a lack of input validation. Attackers could use a maliciously crafted input file to more... |
