Mongoose Web Server
by Cesanta
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42392 | 0.00 | — | 0.00 | Nov 18, 2024 | Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters. | |||
| CVE-2024-42391 | 0.00 | — | 0.00 | Nov 18, 2024 | Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. | |||
| CVE-2024-42390 | 0.00 | — | 0.00 | Nov 18, 2024 | Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. | |||
| CVE-2024-42389 | 0.00 | — | 0.00 | Nov 18, 2024 | Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. | |||
| CVE-2024-42388 | 0.00 | — | 0.00 | Nov 18, 2024 | Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. | |||
| CVE-2024-42387 | 0.00 | — | 0.00 | Nov 18, 2024 | Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. | |||
| CVE-2024-42386 | 0.00 | — | 0.00 | Nov 18, 2024 | Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. | |||
| CVE-2024-42385 | 0.00 | — | 0.00 | Nov 18, 2024 | Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters. | |||
| CVE-2024-42384 | 0.00 | — | 0.00 | Nov 18, 2024 | Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. | |||
| CVE-2024-42383 | 0.00 | — | 0.00 | Nov 18, 2024 | Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field. |
- CVE-2024-42392Nov 18, 2024risk 0.00cvss —epss 0.00
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters.
- CVE-2024-42391Nov 18, 2024risk 0.00cvss —epss 0.00
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
- CVE-2024-42390Nov 18, 2024risk 0.00cvss —epss 0.00
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
- CVE-2024-42389Nov 18, 2024risk 0.00cvss —epss 0.00
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
- CVE-2024-42388Nov 18, 2024risk 0.00cvss —epss 0.00
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
- CVE-2024-42387Nov 18, 2024risk 0.00cvss —epss 0.00
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
- CVE-2024-42386Nov 18, 2024risk 0.00cvss —epss 0.00
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
- CVE-2024-42385Nov 18, 2024risk 0.00cvss —epss 0.00
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters.
- CVE-2024-42384Nov 18, 2024risk 0.00cvss —epss 0.00
Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
- CVE-2024-42383Nov 18, 2024risk 0.00cvss —epss 0.00
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field.