CVE-2024-42385

High

Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if…

Nozomi·CWE-140·Published 2024-11-18

CVSS

7.0

EPSS

0.00

KEV

Exploits

cve.orgen

190 chars

Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters.

NVDen

190 chars

Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters.

La vulnerabilidad de neutralización incorrecta de delimitadores en Cesanta Mongoose Web Server v7.14 permite activar una escritura en memoria fuera de los límites si el certificado PEM contiene caracteres inesperados.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.0	1.0	5.9	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	4.0	—	—	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
3.1	Secondary	NVD	4.0	0.3	3.6	CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H