GCVE - cpe:2.3:a:cesanta:mongoose:6.16:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:cesanta:mongoose:6.16:*:*:*:*:*:*:*

part: a version: 6.16 update: *

Vendor	Cesanta (`91223ef9-9be1-51ca-9999-b3190ce9965d`)
Product	Mongoose (`749d186c-b6b5-5dfe-a2fa-a74c5ea145b3`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/cesanta/mongoose`	purl2cpe	2026-06-01 10:17:36.212278
`pkg:rpm/fedora/mongoose`	purl2cpe	2026-06-01 10:17:36.212280
`pkg:rpm/opensuse/mongoose`	purl2cpe	2026-06-01 10:17:36.212281
`pkg:sourceforge/mongoose-emb-web-server.mirror`	purl2cpe	2026-06-01 10:17:36.212283

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-19307`	vulnerable	2026-06-08 05:13:22.104303	Details available An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS (infinite loop), or possibly cause an out-of-bounds write, by sending a crafted MQTT protocol packet. Published: 2019-11-26T15:15:04.000Z Updated: 2024-08-05T02:16:46.823Z Open on db.gcve.eu Reference links https://github.com/cesanta/mongoose/issues/1055	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.