Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:embedthis:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductEmbedthis (21632552-b546-50d1-a43d-001b177ca555)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2019-5097 vulnerable 2026-06-08 05:13:57.690641 Details available
MEDIUM (5.3)
A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated in the form of GET or POST requests and does not require the requested resource to exist on the server.
Published: 2019-12-03T21:49:38.000Z
Updated: 2024-08-04T19:47:56.843Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-5096 vulnerable 2026-06-08 05:13:57.687850 Details available
CRITICAL (9.8)
An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of this request that can be used to corrupt heap structures that could lead to full code execution. The request can be unauthenticated in the form of GET or POST requests, and does not require the requested resource to exist on the server.
Published: 2019-12-03T21:52:15.000Z
Updated: 2024-08-04T19:47:55.928Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.