CVE-2024-42384

Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*

History

19 Nov 2024, 17:54

Type Values Removed Values Added
CPE cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
References () https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42384 - () https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42384 - Third Party Advisory
First Time Cesanta mongoose
Cesanta

18 Nov 2024, 17:11

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de desbordamiento de enteros o envoltura en Cesanta Mongoose Web Server v7.14 permite a un atacante enviar un paquete TLS inesperado y producir una falla de segmentación en la aplicación.

18 Nov 2024, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-18 10:15

Updated : 2024-11-19 17:54


NVD link : CVE-2024-42384

Mitre link : CVE-2024-42384

CVE.ORG link : CVE-2024-42384


JSON object : View

Products Affected

cesanta

  • mongoose
CWE
CWE-190

Integer Overflow or Wraparound