Gnu Libmicrohttpd
6 CVEs affecting Gnu Libmicrohttpd. Latest disclosed: 2025-11-10. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-3466 | Critical | 9.8 | 2021-03-25 | A flaw was found in libmicrohttpd. A missing bounds check in the post_process_urlencoded function leads to a buffer overflow, allowing a remote attacker to wri… |
CVE-2025-62689 | High | 7.5 | 2025-11-10 | NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of th… |
CVE-2025-59777 | High | 7.5 | 2025-11-10 | NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of th… |
CVE-2023-27371 | Medium | 5.9 | 2023-02-28 | GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_crea… |
CVE-2013-7039 | | 2013-12-13 | Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large val… | |
CVE-2013-7038 | | 2013-12-13 | The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash)… |