Vulnerabilities (CVE)

Filtered by vendor Tiny-http Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-35884 2 Fedoraproject, Tiny-http Project 2 Fedora, Tiny-http 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. HTTP Request smuggling can occur via a malformed Transfer-Encoding header.
CVE-2017-16097 1 Tiny-http Project 1 Tiny-http 2024-11-21 5.0 MEDIUM 7.5 HIGH
tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.