MidnightBSD

Advisories for kitto_project

CVE-2017-1000062 MEDIUM

kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
kitto_project kitto 0.5.1
CVE-2017-1000063 MEDIUM

kittoframework kitto version 0.5.1 is vulnerable to an XSS in the 404 page resulting in information disclosure

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
kitto_project kitto 0.5.1
CVE-2017-1000064 MEDIUM

kittoframework kitto version 0.5.1 is vulnerable to memory exhaustion in the router resulting in DoS

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
kitto_project kitto 0.5.1