Unrated severityNVD Advisory· Published May 17, 2020· Updated Aug 5, 2024
CVE-2019-20800
CVE-2019-20800
Description
In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Cherokee/Cherokeedescription
- Range: <=1.2.104
Patches
Vulnerability mechanics
References
3- security.gentoo.org/glsa/202012-09mitrevendor-advisoryx_refsource_GENTOO
- github.com/cherokee/webserver/issues/1224mitrex_refsource_MISC
- logicaltrust.net/blog/2019/11/cherokee.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.