Vulnerabilities > CVE-2023-50694 - Unspecified vulnerability in Dom96 Httpbeast

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

dom96

critical

NVD

Published: 2024-01-19

Updated: 2024-11-21

Summary

An issue in dom96 HTTPbeast v.0.4.1 and before allows a remote attacker to send a malicious crafted request due to insufficient parsing in the parser.nim component.

Vulnerable Configurations

Part	Description	Count
Application	Dom96 Dom96 Httpbeast - Dom96 Httpbeast 0.1.0 Dom96 Httpbeast 0.2.0 Dom96 Httpbeast 0.2.1 Dom96 Httpbeast 0.2.2 Dom96 Httpbeast 0.3.0 Dom96 Httpbeast 0.4.0 Dom96 Httpbeast 0.4.1	8

References

https://gist.github.com/anas-cherni/c95e2fc1fd84d93167eb60193318d0b8
https://gist.github.com/anas-cherni/c95e2fc1fd84d93167eb60193318d0b8
https://github.com/dom96/httpbeast/issues/95
https://github.com/dom96/httpbeast/issues/95
https://github.com/dom96/httpbeast/pull/96
https://github.com/dom96/httpbeast/pull/96