Valenok Mongoose vulnerabilities
2 known vulnerabilities affecting valenok/mongoose.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2011-2900P2HIGHCVSS 7.5ExploitedPoCv3.02011-08-05
CVE-2011-2900 [HIGH] CWE-119 CVE-2011-2900: Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir f
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.
nvd
CVE-2009-4535P4MEDIUMCVSS 5.0PoC≤ 2.8.02009-12-31
CVE-2009-4535 [MEDIUM] CWE-200 CVE-2009-4535: Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appen
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / (slash) character to the URI.
nvd