Unix4lyfe Darkhttpd

3 CVEs affecting Unix4lyfe Darkhttpd. Latest disclosed: 2024-01-22. Critical: 1, High: 1.

Top CVEs affecting Unix4lyfe Darkhttpd
CVESeverityScorePublishedSummary
CVE-2024-23771Critical9.82024-01-22darkhttpd before 1.15 uses strcmp (which is not constant time) to verify authentication, which makes it easier for remote attackers to bypass authentication vi…
CVE-2020-25691High7.52022-04-01A flaw was found in darkhttpd. Invalid error handling allows remote attackers to cause denial-of-service by accessing a file with a large modification date. Th…
CVE-2024-23770Medium5.52024-01-22darkhttpd through 1.15 allows local users to discover credentials (for --auth) by listing processes and their arguments.