Vulnerabilities (CVE)

Filtered by vendor Openwsman Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3833 3 Fedoraproject, Opensuse, Openwsman Project 3 Fedora, Leap, Openwsman 2024-11-21 5.0 MEDIUM 7.5 HIGH
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.
CVE-2019-3816 4 Fedoraproject, Opensuse, Openwsman Project and 1 more 11 Fedora, Leap, Openwsman and 8 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.