nhttpd
by Nostromo
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-16278 | 0.23 | — | 0.99 | KEV | Oct 14, 2019 | Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request. | ||
| CVE-2019-16279 | 0.07 | — | 0.20 | Oct 14, 2019 | A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request. | |||
| CVE-2022-48253 | 0.03 | — | 0.03 | Jan 11, 2023 | nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used. |
- risk 0.23cvss —epss 0.99
Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.
- CVE-2019-16279Oct 14, 2019risk 0.07cvss —epss 0.20
A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.
- CVE-2022-48253Jan 11, 2023risk 0.03cvss —epss 0.03
nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used.