彙總 apsis 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
歷史漏洞主要涉及 緩衝區溢位與跨站腳本 等安全問題,並影響 生產負載與軟體部署 相關場景。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2018-21245 | Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711. | [email protected] | 9.1 | 0.29% | 2020-06-15 | 2024-11-21 |
| CVE-2016-10711 | Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751. | [email protected] | 9.8 | 1.00% | 2018-01-29 | 2024-11-21 |
| CVE-2005-3751 | HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web caches, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with conflicting Content-length and Transfer-encoding headers. | [email protected] | 4.3 | 1.77% | 2005-11-22 | 2026-04-16 |
| CVE-2005-1391 | Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header. | [email protected] | 7.5 | 7.76% | 2005-05-03 | 2026-04-16 |
| CVE-2004-2026 | Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages. | [email protected] | 7.5 | 32.74% | 2004-12-31 | 2026-04-16 |