ACME thttpd 2.25b
Approved changes feed: RSS · Atom
cpe:2.3:a:acme:thttpd:2.25:b:*:*:*:*:*:*
part: a version: 2.25 update: b
| Vendor | Acme (f9a29530-a981-5566-8a38-664c797d62c6) |
|---|---|
| Product | Thttpd (d8767620-a730-5c56-a8f4-8a00b901f592) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/jpouellet/thttpd |
purl2cpe | 2026-06-01 10:12:31.779760 |
pkg:github/larryhe/tinyhttpd |
purl2cpe | 2026-06-01 10:12:31.779761 |
pkg:github/wlangstroth/thttpd |
purl2cpe | 2026-06-01 10:12:31.779763 |
pkg:rpm/fedora/thttpd |
purl2cpe | 2026-06-01 10:12:31.779764 |
pkg:rpm/opensuse/thttpd |
purl2cpe | 2026-06-01 10:12:31.779765 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2013-0348 |
vulnerable | 2026-06-03 14:32:43.126552 |
Details available
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Published: 2013-12-13T18:00:00.000Z
Updated: 2024-08-06T14:25:09.614Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-4491 |
vulnerable | 2026-06-03 14:29:57.902794 |
Details available
thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Published: 2010-01-13T00:00:00.000Z
Updated: 2024-08-07T07:01:20.480Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.