Home

Description

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.

PUBLISHED Reserved 2024-07-31 | Published 2024-11-18 | Updated 2024-11-18 | Assigner Nozomi




MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-823 Use of Out-of-range Pointer Offset

Product status

Default status
unaffected

Any version
affected

Credits

Gabriele Quagliarella finder

References

www.nozominetworks.com/...rability-advisories-cve-2024-42389

cve.org (CVE-2024-42389)

nvd.nist.gov (CVE-2024-42389)

Download JSON