Vulnerabilities > Cherokee Project > Cherokee
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-27 | CVE-2020-12845 | NULL Pointer Dereference vulnerability in Cherokee-Project Cherokee Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a NULL pointer dereferences. | 7.5 |
| 2020-05-18 | CVE-2019-20800 | Out-of-bounds Write vulnerability in Cherokee-Project Cherokee In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers. | 9.8 |
| 2020-05-18 | CVE-2019-20799 | Out-of-bounds Write vulnerability in Cherokee-Project Cherokee In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server. | 7.5 |
| 2020-05-18 | CVE-2019-20798 | Cross-site Scripting vulnerability in Cherokee-Project Cherokee An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. | 8.4 |