55 matches found
CVE-2025-63649
An out-of-bounds read in the httpparsertransferencodingchunked function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted POST request to the server...
Monkey Server security vulnerabilities
Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from the mkhttprequestend function’s ability to re-use freed resources, potentially leading to denial-of-service attacks...
CVE-2025-63658
A stack overflow in the mkhttpindexlookup function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
EUVD-2025-206526
An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
EUVD-2025-206525
A NULL pointer dereference in the mkhttprangeparse function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
CVE-2025-63655
A NULL pointer dereference in the mkhttprangeparse function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
Monkey Server security vulnerabilities
Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from a stack overflow in the mkhttpindexlookup function. This vulnerability could lead to denial-of-service attacks...
Monkey Server security vulnerabilities
Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from a null pointer dereferencing in the mkhttprangeparse function. This vulnerability may lead to denial-of-service attacks...
CVE-2025-63655
CVE-2025-63655 describes a NULL pointer dereference in the mk_http_range_parse function (mk_server/mk_http.c) in the Monkey project, fixed in commit f37e984. The issue allows an attacker to cause a Denial of Service by sending a crafted HTTP request to the targeted server. Affected component is t...
CVE-2025-63653
An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
CVE-2025-63655
A NULL pointer dereference in the mkhttprangeparse function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
PT-2026-5344
A stack overflow in the mk http index lookup function mk server/mk http.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
CVE-2025-63656
CVE-2025-63656 affects the Monkey server (commit f37e984) with an out-of-bounds read in the header_cmp function (mk_server/mk_http_parser.c). Exploitation is sufficient to cause a Denial of Service by receiving a crafted HTTP request. Connected sources (Red Hat advisory, NVD/NVL records, Attacker...
Monkey Server security vulnerabilities
Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from an out-of-bounds read in the mkvhostfdtclose function, potentially leading to a denial-of-service attack...
PT-2026-5341
Name of the Vulnerable Software and Affected Versions Monkey versions prior to commit f37e984 Description A flaw exists in the mk http range parse function located in mk server/mk http.c that can lead to a Denial of Service DoS. This occurs when a specially crafted HTTP request is sent to the...
CVE-2025-63652
A use-after-free in the mkhttprequestend function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
PT-2026-5343
Name of the Vulnerable Software and Affected Versions monkey commit f37e984 Description An out-of-bounds read exists in the mk mimetype find function located in mk server/mk mimetype.c. This issue can be triggered by sending a crafted HTTP request to the server, potentially leading to a Denial of...
Monkey Server security vulnerabilities
Monkey Server is an open-source HTTP server developed by Monkey I/O. There is a security vulnerability in Monkey Server, which stems from out-of-bounds read accesses in the http parser-transferencodingchunked function. This vulnerability could lead to denial-of-service attacks...
CVE-2025-63658
A stack overflow in the mkhttpindexlookup function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
CVE-2025-63652
A use-after-free in the mkhttprequestend function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...