CVE-2024-42383

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*

History

19 Nov 2024, 17:55

Type Values Removed Values Added
CPE cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 4.2
v2 : unknown
v3 : 9.8
References () https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42383 - () https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42383 - Third Party Advisory
CWE NVD-CWE-Other
First Time Cesanta mongoose
Cesanta

18 Nov 2024, 17:11

Type Values Removed Values Added
Summary
  • (es) El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite escribir un valor de byte NULL más allá del espacio de memoria dedicado para el campo de nombre de host.

18 Nov 2024, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-18 10:15

Updated : 2024-11-19 17:55


NVD link : CVE-2024-42383

Mitre link : CVE-2024-42383

CVE.ORG link : CVE-2024-42383


JSON object : View

Products Affected

cesanta

  • mongoose
CWE
NVD-CWE-Other CWE-823

Use of Out-of-range Pointer Offset