VYPR

nhttpd

by Nostromo

CVEs (3)

  • CVE-2019-16278KEVOct 14, 2019
    risk 0.23cvss epss 0.99

    Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.

  • CVE-2019-16279Oct 14, 2019
    risk 0.07cvss epss 0.20

    A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.

  • CVE-2022-48253Jan 11, 2023
    risk 0.03cvss epss 0.03

    nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used.