CNNVD-202601-4363 Information
CNNVD ID
CNNVD-202601-4363
Related CVE
- CNNVD Published: 2026-01-26
Description (Chinese)
Hiawatha是Hugo Leisink个人开发者的一套适用于Unix系统的安全Web服务器。该产品能够阻止XSS、SQL注入和CSRF等攻击,并提供服务器监控功能。 Hiawatha 11.7版本存在安全漏洞,该漏洞源于XSLT show_index存在双重释放,可能导致数据损坏或执行任意代码。
Description (English)
Hiawatha is a secure Web server for the Unix system for the personal developers of Hugo Leisink. The product could prevent attacks such as XSS, SQL injections and CSRF and provide server surveillance. There is a security loophole in version 11.7 of Hiawatha, which stems from the double release of XSLT show index, which could lead to data damage or the implementation of arbitrary codes.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2026-01-26
Last Modified
2026-02-24
References
https://gitlab.com/hsleisink/hiawatha/-/blame/master/src/xslt.c?ref_type=heads#L675 https://access.redhat.com/security/cve/cve-2025-57785
Patch
https://gitlab.com/hsleisink/hiawatha/-/tags
Share on: