CNNVD-202601-4366 Information

CNNVD ID

CNNVD-202601-4366

Related CVE

CVE-2025-57783

• CNNVD Published: 2026-01-26

Description (Chinese)

Hiawatha是Hugo Leisink个人开发者的一套适用于Unix系统的安全Web服务器。该产品能够阻止XSS、SQL注入和CSRF等攻击，并提供服务器监控功能。 Hiawatha 11.7版本存在安全漏洞，该漏洞源于标头解析不当，可能导致请求夹带，从而访问受限制资源。

Description (English)

Hiawatha is a secure Web server for the Unix system for the personal developers of Hugo Leisink. The product could prevent attacks such as XSS, SQL injections and CSRF and provide server surveillance. There is a security loophole in version 11.7 of Hiawatha, which stems from inadequate header analysis, which may lead to requests for tapes and thus access to restricted resources.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-01-26

Last Modified

2026-02-24

References

https://gitlab.com/hsleisink/hiawatha/-/blame/master/src/ https://access.redhat.com/security/cve/cve-2025-57783

Patch

https://gitlab.com/hsleisink/hiawatha/-/tags