Mongoose Security Vulnerabilities - 2023

CVE-2020-25887

Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file.

8.8 CVSS

8.7 AI Score

0.001 EPSS

2023-08-22 07:16 PM

CVE-2023-2905

Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not a...

8.8 CVSS

8.7 AI Score

0.0004 EPSS

2023-08-09 05:15 AM

CVE-2023-34188

The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests.

7.5 CVSS

7.4 AI Score

0.001 EPSS

2023-06-23 08:15 PM