PT-2019-13049 · Cesanta · Mongoose

Yakun Zhang

+1

·

Published

2019-06-24

·

Updated

2020-08-24

·

CVE-2019-12951

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Mongoose versions prior to 6.15
Description A critical heap-based buffer overflow issue was discovered in the parse mqtt() function in mg mqtt.c.
Recommendations For versions prior to 6.15, update to version 6.15 or later to resolve the issue.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-12951

Affected Products

Mongoose