Heap-based Buffer Overflow in the de_dotdot function in...
High severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Jul 19, 2024
Description
Published by the National Vulnerability Database
Jun 29, 2017
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Jul 19, 2024
Heap-based Buffer Overflow in the de_dotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a crafted filename.
References