Описание
An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow.
Ссылки
- Exploit
- Product
- Issue TrackingPatch
Уязвимые конфигурации
Конфигурация 1Версия от 7.5 (включая) до 7.17 (включая)
cpe:2.3:a:cesanta:mongoose:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00087
Низкий
7.5 High
CVSS3
Дефекты
CWE-190
Связанные уязвимости
CVSS3: 7.5
github
4 месяца назад
An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can cause the application to crash. If downstream vendors integrate this component improperly, the issue may lead to a buffer overflow.
EPSS
Процентиль: 25%
0.00087
Низкий
7.5 High
CVSS3
Дефекты
CWE-190