Filtered by vendor Tiny-http Project
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-35884 | 2 Fedoraproject, Tiny-http Project | 2 Fedora, Tiny-http | 2022-04-01 | 6.4 MEDIUM | 6.5 MEDIUM |
An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. HTTP Request smuggling can occur via a malformed Transfer-Encoding header. | |||||
CVE-2017-16097 | 1 Tiny-http Project | 1 Tiny-http | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |