| Release | Version |
|---|---|
| bullseye | 1.13+dfsg-5 |
| bookworm | 1.15+dfsg-4 |
| trixie | 1.16+dfsg-2 |
| forky | 1.16+dfsg-3 |
| sid | 1.16+dfsg-3 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-55763 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Buffer Overflow in the URI parser of CivetWeb 1.14 through 1.16 (lates ... |
| CVE-2025-9648 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | A vulnerability in the CivetWeb library's function mg_handle_form_requ ... |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2020-27304 | vulnerable | fixed | fixed | fixed | fixed | The CivetWeb web library does not validate uploaded filepaths when run ... |
| Bug | Description |
|---|---|
| CVE-2018-12684 | Out-of-bounds Read in the send_ssi_file function in civetweb.c in Cive ... |