VYPR

Mongoose OS

by Cesanta

Source repositories

CVEs (2)

  • CVE-2017-7185HigApr 10, 2017
    risk 0.53cvss 7.5epss 0.12

    Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a multipart/form-data…

  • CVE-2021-27425May 3, 2022
    risk 0.00cvss epss 0.02

    Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mm_malloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.