Vulnerabilities > Cesanta > Mongoose > 6.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-23 | CVE-2023-34188 | Unspecified vulnerability in Cesanta Mongoose The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. | 7.5 |
| 2022-02-18 | CVE-2022-25299 | Files or Directories Accessible to External Parties vulnerability in Cesanta Mongoose This affects the package cesanta/mongoose before 7.6. | 5.0 |
| 2021-02-08 | CVE-2021-26529 | Out-of-bounds Write vulnerability in Cesanta Mongoose The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 (compiled with mbedTLS support) is vulnerable to remote OOB write attack via connection request after exhausting memory pool. | 6.4 |
| 2019-06-24 | CVE-2019-12951 | Out-of-bounds Write vulnerability in Cesanta Mongoose An issue was discovered in Mongoose before 6.15. | 7.5 |