embedthis appweb CVE 漏洞（6）

CVE 數: 6 CPE versions: View versions table

摘要

本頁列出影響 embedthis appweb 的已公開 CVE 漏洞（透過 NVD CPE 關聯）。每列包含嚴重程度評分、摘要與發布日期，便於識別與分析安全議題。

CVE	摘要	來源	最高 CVSS	EPSS %	公開時間	更新時間
CVE-2021-33254	An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Community Edition 8.2.1, allows attackers to cause a denial of service via the stream paramter to the parseUri function.	[email protected]	7.5	0.46%	2022-06-02	2024-11-21
CVE-2020-15689	Appweb before 7.2.2 and 8.x before 8.1.0, when built with CGI support, mishandles an HTTP request with a Range header that lacks an exact range. This may result in a NULL pointer dereference and cause a denial of service.	[email protected]	7.5	0.42%	2020-07-13	2024-11-21
CVE-2018-15505	An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 address.	[email protected]	7.5	0.59%	2018-08-18	2024-11-21
CVE-2018-15504	An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.	[email protected]	7.5	0.98%	2018-08-18	2024-11-21
CVE-2018-8715	The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.	[email protected]	8.1	91.80%	2018-03-15	2024-11-21
CVE-2014-9708	Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".	[email protected]	5.0	4.51%	2015-03-31	2026-05-06

cvelogic Threat Intelligence