← Back

Mongoose

mongoose

Vendor: Valenok • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2011-2900
3Shttpd
ValenokYassl
3Mongoose
ShttpdYasslews
Apr 29, 2026
Aug 5, 2011
N/A· v4
N/A· v3
7.5 HIGH· v2
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simpl...Show more
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.Show less
CVE-2009-4535
1Valenok
1Mongoose
Apr 23, 2026
Dec 31, 2009
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by appending a / (slash) character to the URI.