Vulnerability Details CVE-2019-1010218
Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 (Current stable) is affected by: Buffer Overflow - CWE-120. The impact is: Crash. The component is: Main cherokee command. The attack vector is: Overwrite argv[0] to an insane length with execl. The fixed version is: There's no fix yet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2019-1010218
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.0.12
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.0.13
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.0.14
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.0.15
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.0.16
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.0.17
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.0.18
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.0.21
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.2.0
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.2.101
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.2.102
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.2.103
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.2.2
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.2.98
-
cpe:2.3:a:cherokee-project:cherokee_web_server:1.2.99