{"uuid": "46291405-00bc-4122-af90-032cd0ef510b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2905", "type": "seen", "source": "https://t.me/cibsecurity/68075", "content": "\u203c CVE-2023-2905 \u203c\n\nDue to a failure in validating the length of a provided MQTT_CMD_PUBLISH\u00c2\u00a0parsed message with a variable length header, Cesanta Mongoose, an\u00c2\u00a0embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T12:16:21.000000Z"}