4 matches found
Cesanta Mongoose Web Server < 7.10 Improper Input Validation Vulnerability
Cesanta Mongoose Web Server is prone to an improper input validation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2023-34188
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests...
CVE-2023-34188
CVE-2023-34188 affects the Mongoose HTTP server prior to 7.10. The issue arises when the server processes requests with negative Content-Length headers, causing an infinite loop as the payload is reparsed and preventing handling of other requests. Remediation is to upgrade to 7.10 or later (as ci...
CVE-2023-34188
The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests...