CVE-2024-31040

2024-04-1700:00:00

mitre

www.cve.org

buffer overflow

get_var_integer

denial of service

mqtt

nanomq

cve-2024-31040

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted hexstreams.

References

github.com/nanomq/nanomq/issues/1720