Suggestions search

Untriaged

Filter by:

With package: perlPackages.HTTPServerSimple

Found 2 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-40255

6.1 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): NONE

created 3 days, 2 hours ago

@adonisjs/http-server has an Open Redirect vulnerability

AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through 8.1.3, and @adonisjs/core versions prior to 7.4.0, the response.redirect().back() method reads the Referer header from the incoming HTTP request and redirects to that URL without validating the host.An attacker who can influence the Referer header can cause the application to redirect users to a malicious external site. This affects all AdonisJS applications that use response.redirect().back() or response.redirect('back'). This issue has been fixed in versions 7.8.1 and 8.2.0 and 7.4.0 of @adonisjs/core.

References

https://github.com/adonisjs/http-server/security/advisories/GHSA-6qvv-pj99-48qm x_refsource_CONFIRM
https://github.com/adonisjs/http-server/commit/2008fb6cf4f6f1c0ca5797d57def4d93e1c3de08 x_refsource_MISC
https://github.com/adonisjs/http-server/releases/tag/v7.8.1 x_refsource_MISC
https://github.com/adonisjs/http-server/releases/tag/v8.2.0 x_refsource_MISC

Affected products

http-core

==< 7.4.0

http-server

==>= 8.0.0-next.0, < 8.2.0
==< 7.8.1

Matching in nixpkgs

pkgs.http-server

Simple zero-configuration command-line http server

nixos-unstable 14.1.1
- nixpkgs-unstable 14.1.1
- nixos-unstable-small 14.1.1
nixos-25.11 14.1.1
- nixos-25.11-small 14.1.1
- nixpkgs-25.11-darwin 14.1.1

pkgs.simple-http-server

Simple HTTP server in Rust

nixos-unstable 0.8.0
- nixpkgs-unstable 0.8.0
- nixos-unstable-small 0.8.0
nixos-25.11 0.6.13
- nixos-25.11-small 0.6.13
- nixpkgs-25.11-darwin 0.6.13

pkgs.perlPackages.HTTPServerSimple

Lightweight HTTP server

nixos-unstable 0.52
- nixpkgs-unstable 0.52
- nixos-unstable-small 0.52
nixos-25.11 0.52
- nixos-25.11-small 0.52
- nixpkgs-25.11-darwin 0.52

pkgs.perl5Packages.HTTPServerSimple

Lightweight HTTP server

nixos-unstable 0.52
- nixpkgs-unstable 0.52
- nixos-unstable-small 0.52

pkgs.perlPackages.NetAsyncHTTPServer

Serve HTTP with IO::Async

nixos-unstable 0.14
- nixpkgs-unstable 0.14
- nixos-unstable-small 0.14
nixos-25.11 0.14
- nixos-25.11-small 0.14
- nixpkgs-25.11-darwin 0.14

pkgs.perl538Packages.HTTPServerSimple

Lightweight HTTP server

nixos-25.11 0.52
- nixos-25.11-small 0.52
- nixpkgs-25.11-darwin 0.52

pkgs.perl540Packages.HTTPServerSimple

Lightweight HTTP server

nixos-25.11 0.52
- nixos-25.11-small 0.52
- nixpkgs-25.11-darwin 0.52

pkgs.perl5Packages.NetAsyncHTTPServer

Serve HTTP with IO::Async

nixos-unstable 0.14
- nixpkgs-unstable 0.14
- nixos-unstable-small 0.14

pkgs.perlPackages.HTTPServerSimplePSGI

Perl Web Server Gateway Interface Specification

nixos-unstable 0.16
- nixpkgs-unstable 0.16
- nixos-unstable-small 0.16
nixos-25.11 0.16
- nixos-25.11-small 0.16
- nixpkgs-25.11-darwin 0.16

pkgs.perlPackages.TestHTTPServerSimple

Test::More functions for HTTP::Server::Simple

nixos-unstable 0.11
- nixpkgs-unstable 0.11
- nixos-unstable-small 0.11
nixos-25.11 0.11
- nixos-25.11-small 0.11
- nixpkgs-25.11-darwin 0.11

pkgs.perl538Packages.NetAsyncHTTPServer

Serve HTTP with IO::Async

nixos-25.11 0.14
- nixos-25.11-small 0.14
- nixpkgs-25.11-darwin 0.14

pkgs.perl540Packages.NetAsyncHTTPServer

Serve HTTP with IO::Async

nixos-25.11 0.14
- nixos-25.11-small 0.14
- nixpkgs-25.11-darwin 0.14

pkgs.perl5Packages.HTTPServerSimplePSGI

Perl Web Server Gateway Interface Specification

nixos-unstable 0.16
- nixpkgs-unstable 0.16
- nixos-unstable-small 0.16

pkgs.perl5Packages.TestHTTPServerSimple

Test::More functions for HTTP::Server::Simple

nixos-unstable 0.11
- nixpkgs-unstable 0.11
- nixos-unstable-small 0.11

pkgs.perlPackages.HTTPServerSimpleMason

Simple mason server

nixos-unstable 0.14
- nixpkgs-unstable 0.14
- nixos-unstable-small 0.14
nixos-25.11 0.14
- nixos-25.11-small 0.14
- nixpkgs-25.11-darwin 0.14

pkgs.perl5Packages.HTTPServerSimpleMason

Simple mason server

nixos-unstable 0.14
- nixpkgs-unstable 0.14
- nixos-unstable-small 0.14

pkgs.perlPackages.HTTPServerSimpleAuthen

Authentication plugin for HTTP::Server::Simple

nixos-unstable 0.04
- nixpkgs-unstable 0.04
- nixos-unstable-small 0.04
nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

pkgs.haskellPackages.symantic-http-server

symantic-http applied to the derivation of HTTP servers

nixos-unstable 0.1.1.20190410
- nixpkgs-unstable 0.1.1.20190410
- nixos-unstable-small 0.1.1.20190410
nixos-25.11 0.1.1.20190410
- nixos-25.11-small 0.1.1.20190410
- nixpkgs-25.11-darwin 0.1.1.20190410

pkgs.perl538Packages.HTTPServerSimplePSGI

Perl Web Server Gateway Interface Specification

nixos-25.11 0.16
- nixos-25.11-small 0.16
- nixpkgs-25.11-darwin 0.16

pkgs.perl538Packages.TestHTTPServerSimple

Test::More functions for HTTP::Server::Simple

nixos-25.11 0.11
- nixos-25.11-small 0.11
- nixpkgs-25.11-darwin 0.11

pkgs.perl540Packages.HTTPServerSimplePSGI

Perl Web Server Gateway Interface Specification

nixos-25.11 0.16
- nixos-25.11-small 0.16
- nixpkgs-25.11-darwin 0.16

pkgs.perl540Packages.TestHTTPServerSimple

Test::More functions for HTTP::Server::Simple

nixos-25.11 0.11
- nixos-25.11-small 0.11
- nixpkgs-25.11-darwin 0.11

pkgs.perl5Packages.HTTPServerSimpleAuthen

Authentication plugin for HTTP::Server::Simple

nixos-unstable 0.04
- nixpkgs-unstable 0.04
- nixos-unstable-small 0.04

pkgs.perl538Packages.HTTPServerSimpleMason

Simple mason server

nixos-25.11 0.14
- nixos-25.11-small 0.14
- nixpkgs-25.11-darwin 0.14

pkgs.perl540Packages.HTTPServerSimpleMason

Simple mason server

nixos-25.11 0.14
- nixos-25.11-small 0.14
- nixpkgs-25.11-darwin 0.14

pkgs.perl538Packages.HTTPServerSimpleAuthen

Authentication plugin for HTTP::Server::Simple

nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

pkgs.perl540Packages.HTTPServerSimpleAuthen

Authentication plugin for HTTP::Server::Simple

nixos-25.11 0.04
- nixos-25.11-small 0.04
- nixpkgs-25.11-darwin 0.04

Package maintainers

@anoadragon453 Andrew Morgan <andrew@amorgan.xyz>
@Mephistophiles Maxim Zhukov <mussitantesmortem@gmail.com>
@JarvisCraft Petr Portnov <mrjarviscraft+nix@gmail.com>

Permalink CVE-2026-24469

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

created 2 months, 3 weeks ago

C++ HTTP Server has Critical Path Traversal Vulnerability in RequestHandler Allowing Arbitrary File Read

C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote attacker to read arbitrary files from the server's filesystem by crafting a malicious HTTP GET request containing ../ sequences. The application fails to sanitize the filename variable derived from the user-controlled URL path, directly concatenating it to the files_directory base path and enabling traversal outside the intended root. No patch was available at the time of publication.