Mongoose
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-1354 | 0.03 | — | 0.02 | Apr 21, 2009 | Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. | |||
| CVE-2009-4535 | 0.00 | — | 0.07 | Dec 31, 2009 | Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / (slash) character to the URI. | |||
| CVE-2009-4530 | 0.00 | — | 0.01 | Dec 31, 2009 | Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending ::$DATA to the URI. |
- CVE-2009-1354Apr 21, 2009risk 0.03cvss —epss 0.02
Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
- CVE-2009-4535Dec 31, 2009risk 0.00cvss —epss 0.07
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / (slash) character to the URI.
- CVE-2009-4530Dec 31, 2009risk 0.00cvss —epss 0.01
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending ::$DATA to the URI.