Cesanta Mongoose Embedded Web Server Library — known CVE vulnerabilities
Every CVE whose affected-product data names Cesanta Mongoose Embedded Web Server Library, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2017-11567 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of…
CVE-2018-20352 — CVSS 8.8 (high): Use-after-free vulnerability in the mg_cgi_ev_handler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and…
CVE-2017-7185 — CVSS 7.5 (high): Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server…