CVE-2021-32742
- EPSS 0.37%
- Veröffentlicht 09.07.2021 14:15:07
- Zuletzt bearbeitet 21.11.2024 06:07:39
Vapor is a web framework for Swift. In versions 4.47.1 and prior, bug in the `Data.init(base32Encoded:)` function opens up the potential for exposing server memory and/or crashing the server (Denial of Service) for applications where untrusted data c...
CVE-2021-21328
- EPSS 0.44%
- Veröffentlicht 26.02.2021 02:15:12
- Zuletzt bearbeitet 21.11.2024 05:48:01
Vapor is a web framework for Swift. In Vapor before version 4.40.1, there is a DoS attack against anyone who Bootstraps a metrics backend for their Vapor app. The following is the attack vector: 1. send unlimited requests against a vapor instance wit...
CVE-2020-15230
- EPSS 0.57%
- Veröffentlicht 02.10.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:05:08
Vapor is a web framework for Swift. In Vapor before version 4.29.4, Attackers can access data at arbitrary filesystem paths on the same host as an application. Only applications using FileMiddleware are affected. This is fixed in version 4.29.4.