VYPR

Embedthis HTTP library

by Embedthis

CVEs (1)

  • CVE-2018-8715HigMar 15, 2018
    risk 0.54cvss 8.1epss 0.20

    The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types.