2 matches found
Cesanta Mongoose Embedded Web Server Library Resource Management Error Vulnerability
Cesanta Mongoose Embedded Web Server Library is a cross-platform embedded server and web library written in C. It is designed to be used with a wide range of applications, including... A resource management error vulnerability exists in the 'mghttpfreeprotodatacgi' function of the mongoose.c file...
DEBIAN-CVE-2018-18764
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parsemqtt getu16 call. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially...