Vulnerabilities > Crowcpp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-12 | CVE-2023-26142 | Injection vulnerability in Crowcpp Crow 1.0+5 All versions of the package crow are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values. | 6.1 |
2022-08-22 | CVE-2022-38667 | Use After Free vulnerability in Crowcpp Crow HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code execution when HTTP pipelining is used. | 9.8 |
2022-08-22 | CVE-2022-38668 | Use of Uninitialized Resource vulnerability in Crowcpp Crow 1.0+4 HTTP applications (servers) based on Crow through 1.0+4 may reveal potentially sensitive uninitialized data from stack memory when fulfilling a request for a static file smaller than 16 KB. | 7.5 |
2022-08-04 | CVE-2022-34970 | Off-by-one Error vulnerability in Crowcpp Crow Crow before 1.0+4 has a heap-based buffer overflow via the function qs_parse in query_string.h. | 9.8 |
2022-01-13 | CVE-2021-23824 | Cross-site Scripting vulnerability in Crowcpp Crow This affects the package Crow before 0.3+4. | 6.1 |
2022-01-13 | CVE-2021-23514 | Path Traversal vulnerability in Crowcpp Crow This affects the package Crow before 0.3+4. | 7.5 |