CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42387 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42387
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42387 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42386 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42386
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42386 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42385 – Improper Neutralization of Delimiters in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42385
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42385 • CWE-140: Improper Neutralization of Delimiters •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42384 – Integer Overflow or Wraparound in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42384
Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42384 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42383 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42383
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42383 • CWE-823: Use of Out-of-range Pointer Offset •