pkg:Alpine/darkhttpd

All known vulnerabilities

• CRITICAL9.8CVE-2024-23771darkhttpd before 1.15 uses strcmp (which is not constant time) to verify authentication, which makes it easier for remote attackers to bypa…
  from 0, < 1.15-r0
• HIGH7.5CVE-2020-25691A flaw was found in darkhttpd.
  from 0, < 1.14-r0
• MEDIUM5.5CVE-2024-23770darkhttpd through 1.15 allows local users to discover credentials (for --auth) by listing processes and their arguments.
  from 0, < 1.15-r0