← Back

Openwsman

openwsman

Vendor: Openwsman Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-3833
3Fedoraproject
OpensuseOpenwsman Project
3Fedora
LeapOpenwsman
Nov 21, 2024
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by se...Show more
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to openwsman server.Show less
CVE-2019-3816
4Fedoraproject
OpensuseOpenwsman Project+1 more
11Enterprise Linux
Enterprise Linux DesktopEnterprise Linux Eus+8 more
Nov 21, 2024
Mar 14, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this...Show more
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP request to openwsman server.Show less