Chendotjs: >> Lotos Webserver Security Vulnerabilities
Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-02-05
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-01-05