Crowcpp Crow

6 CVEs affecting Crowcpp Crow. Latest disclosed: 2023-09-12. Critical: 2, High: 1.

Top CVEs affecting Crowcpp Crow
CVESeverityScorePublishedSummary
CVE-2022-38667Critical9.82022-08-22HTTP applications (servers) based on Crow through 1.0+4 may allow a Use-After-Free and code execution when HTTP pipelining is used. The HTTP parser supports HT…
CVE-2022-34970Critical9.82022-08-04Crow before 1.0+4 has a heap-based buffer overflow via the function qs_parse in query_string.h. On successful exploitation this vulnerability allows attackers…
CVE-2022-38668High7.52022-08-22HTTP applications (servers) based on Crow through 1.0+4 may reveal potentially sensitive uninitialized data from stack memory when fulfilling a request for a s…
CVE-2023-26142Medium6.52023-09-12All versions of the package crow are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values. Header values are not prop…
CVE-2021-23824Medium6.52022-01-13This affects the package Crow before 0.3+4. When using attributes without quotes in the template, an attacker can manipulate the input to introduce additional…
CVE-2021-23514Medium6.52022-01-13This affects the package Crow before 0.3+4. It is possible to traverse directories to fetch arbitrary files from the server.