EmbedThis AppWeb 5.1.0

CPE Details

EmbedThis AppWeb 5.1.0
embedthis
appweb
5.1.0
2015-03-31
16h41 +00:00
2015-04-06
14h58 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:embedthis:appweb:5.1.0:*:*:*:*:*:*:*

Informations

Vendor

embedthis

Product

appweb

Version

5.1.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-15689 2020-07-13 11h48 +00:00 Appweb before 7.2.2 and 8.x before 8.1.0, when built with CGI support, mishandles an HTTP request with a Range header that lacks an exact range. This may result in a NULL pointer dereference and cause a denial of service.
7.5
Haute
CVE-2018-15504 2018-08-17 22h00 +00:00 An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.
7.5
Haute
CVE-2018-15505 2018-08-17 22h00 +00:00 An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']' character in an IPv6 address.
7.5
Haute
CVE-2018-8715 2018-03-14 19h00 +00:00 The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.
8.1
Haute
CVE-2014-9708 2015-03-30 22h00 +00:00 Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x=,".
5