Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-839c-6kqx-nkfn

Summary Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.

Aliases

alias	CVE-2024-42390

Fixed_packages

Affected_packages

References

reference_url

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42390

reference_id

vulnerability-advisories-cve-2024-42390

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-18T13:35:51Z/

url

https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42390

Weaknesses

cwe_id	823
name	Use of Out-of-range Pointer Offset
description	The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

Exploits

Severity_range_score 4.3 - 4.3

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-839c-6kqx-nkfn

Vulnerability Instance