Vulnerabilidades em EmbedThis
5 resultadosCVE-2021-43298—The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has no rate-limitingEPSS 2.3%CVE-2023-53155HIGHgoform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the name parameter.EPSS 0.5%CVE-2024-3187MEDIUMThis issue tracks two CWE-416 Use After Free (UAF) and one CWE-415 Double Free vulnerabilities in Goahead versions <= 6.0.0. These are causeEPSS 0.5%CVE-2024-3184MEDIUMMultiple CWE-476 NULL Pointer Dereference vulnerabilities were found in GoAhead Web Server up to version 6.0.0 when compiled with the ME_GOAEPSS 0.5%CVE-2024-3186MEDIUMCWE-476 NULL Pointer Dereference vulnerability in the evalExpr() function of GoAhead Web Server (version <= 6.0.0) when compiled with the MEEPSS 0.4%