CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2022-45956
https://notcve.org/view.php?id=CVE-2022-45956
Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism. Las versiones 0.94.13 a 0.94.14 de Boa Web Server no validan la restricción de seguridad correcta en el método HEAD HTTP, lo que permite a todos omitir el mecanismo Basic Authorization. • https://packetstormsecurity.com/files/169962/Boa-Web-Server-0.94.13-0.94.14-Authentication-Bypass.html • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-21028
https://notcve.org/view.php?id=CVE-2018-21028
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls to the free function. Boa versiones hasta 0.94.14rc21, permite a atacantes remotos activar una pérdida de memoria debido a llamadas perdidas a la función free. • https://github.com/gpg/boa/pull/1 https://github.com/gpg/boa/pull/1/commits/e139b87835994d007fbd64eead6c1455d7b8cf4e • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-21027
https://notcve.org/view.php?id=CVE-2018-21027
Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-memory (OOM) condition because malloc is mishandled. Boa versiones hasta 0.94.14rc21, permite a atacantes remotos desencadenar una condición fuera de la memoria (OOM) porque malloc es manejada inapropiadamente. • https://github.com/gpg/boa/pull/1 https://github.com/gpg/boa/pull/1/commits/e139b87835994d007fbd64eead6c1455d7b8cf4e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •