Known Vulnerabilities for Goahead by Embedthis
Listed below are 10 of the newest known vulnerabilities associated with "Goahead" by "Embedthis".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-43298 | The code that performs password matching when using 'Basic' HTTP authentication does not use a constant-time memcmp and has n... | 9.8 - CRITICAL | 2022-01-25 | 2022-02-01 |
| CVE-2021-42342 | An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to ... | 9.8 - CRITICAL | 2021-10-14 | 2021-10-20 |
| CVE-2021-41615 | websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded once... | 9.8 - CRITICAL | 2022-08-08 | 2022-08-12 |
| CVE-2020-15688 | The HTTP Digest Authentication in the GoAhead web server before 5.1.2 does not completely protect against replay attacks. Thi... | 8.8 - HIGH | 2020-07-23 | 2023-01-31 |
| CVE-2019-19240 | Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests with a large Host header. The GoAhead WebsRedirect uses a ... | 5.3 - MEDIUM | 2019-11-22 | 2020-08-24 |
| CVE-2019-16645 | An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) create l... | 8.6 - HIGH | 2019-09-20 | 2020-08-24 |
| CVE-2019-12822 | In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a header parsing vulnerability causes a memory assertion, o... | 7.5 - HIGH | 2019-06-14 | 2021-07-21 |
| CVE-2019-5097 | A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server ap... | 7.5 - HIGH | 2019-12-03 | 2022-06-17 |
| CVE-2019-5096 | An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead... | 9.8 - CRITICAL | 2019-12-03 | 2022-06-17 |
| CVE-2018-15504 | An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fi... | 7.5 - HIGH | 2018-08-18 | 2023-06-22 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Embedthis | Goahead | 5.1.2 | All | All | All |
| Application | Embedthis | Goahead | 5.1.0 | All | All | All |
| Application | Embedthis | Goahead | 5.0.1 | All | All | All |
| Application | Embedthis | Goahead | 5.0.0 | All | All | All |
| Application | Embedthis | Goahead | 4.1.2 | All | All | All |
| Application | Embedthis | Goahead | 4.1.1 | All | All | All |
| Application | Embedthis | Goahead | 4.1.0 | All | All | All |
| Application | Embedthis | Goahead | 4.0.2 | All | All | All |
| Application | Embedthis | Goahead | 4.0.1 | All | All | All |
| Application | Embedthis | Goahead | 4.0.0 | All | All | All |
| Application | Embedthis | Goahead | 3.6.5 | All | All | All |
| Application | Embedthis | Goahead | 3.6.4 | All | All | All |
| Application | Embedthis | Goahead | 3.6.3 | All | All | All |
| Application | Embedthis | Goahead | 3.6.2 | All | All | All |
| Application | Embedthis | Goahead | 3.6.1 | All | All | All |
| Application | Embedthis | Goahead | 3.6.0 | All | All | All |
| Application | Embedthis | Goahead | 3.5.0 | All | All | All |
| Application | Embedthis | Goahead | 3.4.9 | All | All | All |
| Application | Embedthis | Goahead | 3.4.8 | All | All | All |
| Application | Embedthis | Goahead | 3.4.7 | All | All | All |