CVE-2019-17210
In Arm Mbed OS (2017-11-02) the MQTT library is affected by a denial-of-service vulnerability. The root cause is readMQTTLenString() using mqttstring->lenstring.len (user-controlled) to influence control flow in MQTTDeserialize_publish(). If an attacker enlarges len, the if-statement is skippe...