Vulnerability Details CVE-2019-12951
An issue was discovered in Mongoose before 6.15. The parse_mqtt() function in mg_mqtt.c has a critical heap-based buffer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-12951
-
cpe:2.3:a:cesanta:mongoose:-
-
cpe:2.3:a:cesanta:mongoose:3.2
-
cpe:2.3:a:cesanta:mongoose:3.3
-
cpe:2.3:a:cesanta:mongoose:3.4
-
cpe:2.3:a:cesanta:mongoose:3.5
-
cpe:2.3:a:cesanta:mongoose:3.6
-
cpe:2.3:a:cesanta:mongoose:3.7
-
cpe:2.3:a:cesanta:mongoose:3.8
-
cpe:2.3:a:cesanta:mongoose:4.0
-
cpe:2.3:a:cesanta:mongoose:4.1
-
cpe:2.3:a:cesanta:mongoose:5.0
-
cpe:2.3:a:cesanta:mongoose:5.1
-
cpe:2.3:a:cesanta:mongoose:5.2
-
cpe:2.3:a:cesanta:mongoose:5.3
-
cpe:2.3:a:cesanta:mongoose:5.4
-
cpe:2.3:a:cesanta:mongoose:5.5
-
cpe:2.3:a:cesanta:mongoose:5.6
-
cpe:2.3:a:cesanta:mongoose:6.0
-
cpe:2.3:a:cesanta:mongoose:6.1
-
cpe:2.3:a:cesanta:mongoose:6.10
-
cpe:2.3:a:cesanta:mongoose:6.11
-
cpe:2.3:a:cesanta:mongoose:6.12
-
cpe:2.3:a:cesanta:mongoose:6.13
-
cpe:2.3:a:cesanta:mongoose:6.14
-
cpe:2.3:a:cesanta:mongoose:6.2
-
cpe:2.3:a:cesanta:mongoose:6.3
-
cpe:2.3:a:cesanta:mongoose:6.4
-
cpe:2.3:a:cesanta:mongoose:6.5
-
cpe:2.3:a:cesanta:mongoose:6.6
-
cpe:2.3:a:cesanta:mongoose:6.7
-
cpe:2.3:a:cesanta:mongoose:6.8
-
cpe:2.3:a:cesanta:mongoose:6.9