Vulnerability Details CVE-2025-65502
Null pointer dereference in add_ca_certs() in Cesanta Mongoose before 7.2 allows remote attackers to cause a denial of service via TLS initialization where SSL_CTX_get_cert_store() returns NULL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.8%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2025-65502
-
cpe:2.3:a:cesanta:mongoose:-
-
cpe:2.3:a:cesanta:mongoose:3.2
-
cpe:2.3:a:cesanta:mongoose:3.3
-
cpe:2.3:a:cesanta:mongoose:3.4
-
cpe:2.3:a:cesanta:mongoose:3.5
-
cpe:2.3:a:cesanta:mongoose:3.6
-
cpe:2.3:a:cesanta:mongoose:3.7
-
cpe:2.3:a:cesanta:mongoose:3.8
-
cpe:2.3:a:cesanta:mongoose:4.0
-
cpe:2.3:a:cesanta:mongoose:4.1
-
cpe:2.3:a:cesanta:mongoose:5.0
-
cpe:2.3:a:cesanta:mongoose:5.1
-
cpe:2.3:a:cesanta:mongoose:5.2
-
cpe:2.3:a:cesanta:mongoose:5.3
-
cpe:2.3:a:cesanta:mongoose:5.4
-
cpe:2.3:a:cesanta:mongoose:5.5
-
cpe:2.3:a:cesanta:mongoose:5.6
-
cpe:2.3:a:cesanta:mongoose:6.0
-
cpe:2.3:a:cesanta:mongoose:6.1
-
cpe:2.3:a:cesanta:mongoose:6.10
-
cpe:2.3:a:cesanta:mongoose:6.11
-
cpe:2.3:a:cesanta:mongoose:6.12
-
cpe:2.3:a:cesanta:mongoose:6.13
-
cpe:2.3:a:cesanta:mongoose:6.14
-
cpe:2.3:a:cesanta:mongoose:6.15
-
cpe:2.3:a:cesanta:mongoose:6.16
-
cpe:2.3:a:cesanta:mongoose:6.17
-
cpe:2.3:a:cesanta:mongoose:6.18
-
cpe:2.3:a:cesanta:mongoose:6.2
-
cpe:2.3:a:cesanta:mongoose:6.3
-
cpe:2.3:a:cesanta:mongoose:6.4
-
cpe:2.3:a:cesanta:mongoose:6.5
-
cpe:2.3:a:cesanta:mongoose:6.6
-
cpe:2.3:a:cesanta:mongoose:6.7
-
cpe:2.3:a:cesanta:mongoose:6.8
-
cpe:2.3:a:cesanta:mongoose:6.9
-
cpe:2.3:a:cesanta:mongoose:7.0
-
cpe:2.3:a:cesanta:mongoose:7.1