Cherokee-project Cherokee
3 CVEs affecting Cherokee-project Cherokee. Latest disclosed: 2014-07-02. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2014-4668 | | 2014-07-02 | The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-b… | |
CVE-2011-2191 | | 2011-10-07 | Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrat… | |
CVE-2011-2190 | | 2011-10-07 | The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for loc… |