Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-24275 | 1 Swoole | 1 Swoole | 2024-02-28 | N/A | 6.5 MEDIUM |
A HTTP response header injection vulnerability in Swoole v4.5.2 allows attackers to execute arbitrary code via supplying a crafted URL. | |||||
CVE-2019-15518 | 1 Swoole | 1 Swoole | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Swoole before 4.2.13 allows directory traversal in swPort_http_static_handler. | |||||
CVE-2018-15503 | 1 Swoole | 1 Swoole | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The unpack implementation in Swoole version 4.0.4 lacks correct size checks in the deserialization process. An attacker can craft a serialized object to exploit this vulnerability and cause a SEGV. |