CVE-2021-3466

Name of the Vulnerable Software and Affected Versions: libmicrohttpd version 0.9.70

Description: A flaw was found in libmicrohttpd, where a missing bounds check in the post process urlencoded function leads to a buffer overflow. This allows a remote attacker to write arbitrary data in an application that uses libmicrohttpd, posing a threat to data confidentiality and integrity, as well as system availability.

Recommendations: For version 0.9.70, update to a version that fixes the buffer overflow issue in the post process urlencoded function to prevent remote attackers from writing arbitrary data. As a temporary workaround, consider restricting access to applications that use libmicrohttpd until a patch is available.