6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.4%
Out-of-bounds Read in the send_ssi_file function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file.
github.com/civetweb/civetweb/commit/8fd069f6dedb064339f1091069ac96f3f8bdb552
github.com/civetweb/civetweb/issues/633