CVE-2018-21028
https://notcve.org/view.php?id=CVE-2018-21028
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls to the free function. Boa versiones hasta 0.94.14rc21, permite a atacantes remotos activar una pérdida de memoria debido a llamadas perdidas a la función free. • https://github.com/gpg/boa/pull/1 https://github.com/gpg/boa/pull/1/commits/e139b87835994d007fbd64eead6c1455d7b8cf4e • CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2018-21027
https://notcve.org/view.php?id=CVE-2018-21027
Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-memory (OOM) condition because malloc is mishandled. Boa versiones hasta 0.94.14rc21, permite a atacantes remotos desencadenar una condición fuera de la memoria (OOM) porque malloc es manejada inapropiadamente. • https://github.com/gpg/boa/pull/1 https://github.com/gpg/boa/pull/1/commits/e139b87835994d007fbd64eead6c1455d7b8cf4e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-9564
https://notcve.org/view.php?id=CVE-2016-9564
Buffer overflow in send_redirect() in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP GET request requesting a long URI with only '/' and '.' characters. Desbordamiento de búfer en send_redirect() en Boa Webserver 0.92r permite a atacantes remotos hacer DoS a través de una petición GET HTTP solicitando un URI largo con solo caracteres '/' y '.'. • http://www.ljcusack.io/cve-2016-9564-stack-based-buffer-overflow-in-boa-0-dot-92r http://www.securityfocus.com/bid/94599 • CWE-20: Improper Input Validation •