CVE-2021-26530: The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 (compile ...

Severity: Critical

CVSS Score: 9.1

The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 (compiled with OpenSSL support) is vulnerable to remote OOB write attack via connection request after exhausting memory pool.