CVE-2024-42383

Critical

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory…

Nozomi·CWE-823·Published 2024-11-18

CVSS

9.8

EPSS

0.00

KEV

Exploits

cve.orgen

177 chars

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field.

NVDen

177 chars

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field.

El uso de la vulnerabilidad de desplazamiento de puntero fuera de rango en Cesanta Mongoose Web Server v7.14 permite escribir un valor de byte NULL más allá del espacio de memoria dedicado para el campo de nombre de host.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	4.2	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
3.1	Secondary	NVD	4.2	1.6	2.5	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L