Vulnerabilities > Cesanta > Mongoose > 6.18

DATE CVE VULNERABILITY TITLE RISK
2021-02-08 CVE-2021-26529 Out-Of-Bounds Write vulnerability in Cesanta Mongoose
The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 and 6.7-6.18 (compiled with mbedTLS support) is vulnerable to remote OOB write attack via connection request after exhausting memory pool.
network
low complexity
cesanta CWE-787
6.4
2020-09-18 CVE-2020-25756 Classic Buffer Overflow vulnerability in Cesanta Mongoose 6.18
** DISPUTED ** A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking.
network
low complexity
cesanta CWE-120
7.5