Lucene search
+L

4 matches found

OpenVAS
OpenVAS
added 2023/06/27 12:0 a.m.24 views

Cesanta Mongoose Web Server < 7.10 Improper Input Validation Vulnerability

Cesanta Mongoose Web Server is prone to an improper input validation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.5AI score0.01013EPSS
Exploits0References1
NVD
NVD
added 2023/06/23 8:15 p.m.19 views

CVE-2023-34188

The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests...

7.5CVSS7.5AI score0.01013EPSS
Exploits0References5
CVE
CVE
added 2023/06/23 12:0 a.m.87 views

CVE-2023-34188

CVE-2023-34188 affects the Mongoose HTTP server prior to 7.10. The issue arises when the server processes requests with negative Content-Length headers, causing an infinite loop as the payload is reparsed and preventing handling of other requests. Remediation is to upgrade to 7.10 or later (as ci...

7.5CVSS7.4AI score0.01013EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2023/06/23 12:0 a.m.11 views

CVE-2023-34188

The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests...

7.5CVSS7AI score0.01013EPSS
Exploits0References7
Rows per page
Query Builder