Unrated severityNVD Advisory· Published Jun 23, 2023· Updated Feb 28, 2025
CVE-2023-34188
CVE-2023-34188
Description
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Mongoose/Mongoosedescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.