CNNVD-202511-2652 Information

CNNVD ID

CNNVD-202511-2652

Related CVE

CVE-2025-65502

• CNNVD Published: 2025-11-24

Description (Chinese)

Cesanta Mongoose是爱尔兰Cesanta公司的一套嵌入式服务器库，它包括TCP、HTTP客户端和服务器、WenSocket客户端和服务器等功能。 Cesanta Mongoose 7.2之前版本存在安全漏洞，该漏洞源于add_ca_certs函数空指针取消引用，可能导致拒绝服务攻击。

Description (English)

Cesanta Mongoose is an embedded server library of Cesanta Ireland, which includes functions such as TCP, HTTP client and server, WenSocket client and server. There was a security loophole in the previous version of Cesanta Mongoose 7.2, which originated from the cancellation of the empty pointer of the add ca certs function, which could lead to the denial of service attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Cesanta

Published

2025-11-24

Last Modified

2026-02-24

References

https://github.com/cesanta/mongoose/issues/3306 https://github.com/cesanta/mongoose/pull/3307

Patch

https://github.com/cesanta/mongoose/releases