3 matches found
CVE-2023-33657
A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nnimqttmsggetpublishproperty in the file mqttmsg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack...
NanoMQ 资源管理错误漏洞
NanoMQ is a lightweight and fast MQTT Broker for IoT edge platforms open-sourced by EMQ Technologies, USA. A security vulnerability exists in NanoMQ version 0.17.2, which stems from improper data tracking and can trigger memory reuse after release by calling the function...
PT-2023-24436 · Nanomq · Nanomq
Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.17.2 Description: A use-after-free issue exists due to improper data tracing. This can be triggered by calling the function nni mqtt msg get publish property in the file mqtt msg.c, potentially allowing an attacker to cause a...