← Back

Lotos Webserver

lotos_webserver

Vendor: Chendotjs • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-24263
1Chendotjs
1Lotos Webserver
Jun 17, 2026
Feb 5, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
Lotos WebServer v0.1.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the response_append_status_line function at /lotos/src/response.c.
CVE-2024-22088
1Chendotjs
1Lotos Webserver
Jun 17, 2026
Jan 5, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Lotos WebServer through 0.1.1 (commit 3eb36cc) has a use-after-free in buffer_avail() at buffer.h via a long URI, because realloc is mishandled.