CVE-2024-42384 | THREATINT

Description

Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.

PUBLISHED Reserved 2024-07-31 | Published 2024-11-18 | Updated 2025-01-13 | Assigner Nozomi

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-190 Integer Overflow or Wraparound

Product status

Default status

unaffected

Any version

affected

Credits

Gabriele Quagliarella finder

Diego Zaffaroni finder

References

www.nozominetworks.com/blog

cve.org (CVE-2024-42384)

nvd.nist.gov (CVE-2024-42384)

Download JSON