VYPR
Unrated severityNVD Advisory· Published Jun 10, 2019· Updated Aug 5, 2024

CVE-2018-20353

CVE-2018-20353

Description

An invalid read of 8 bytes due to a use-after-free vulnerability during a "NULL test" in the mg_http_get_proto_data function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Cesanta/Mongoose Embedded Web Server Librarydescription
  • Cesanta/Mongoosellm-fuzzy
    Range: <=6.13

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.