Nanomq@0.17.2 Security Vulnerabilities and Issues — Nanomq@0.17.2 CVE List

Lucene search

EmqxNanomq0.17.2

5 matches found

CVE•added 2023/06/08 12:15 p.m.•142 views

CVE-2023-33660

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.

7.5CVSS7.5AI score0.00121EPSS

CVE•added 2023/06/08 1:15 p.m.•140 views

CVE-2023-33657

A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack.

7.5CVSS7.3AI score0.0007EPSS

CVE•added 2023/05/30 6:15 p.m.•34 views

CVE-2023-33656

A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack by causing the program to consume all available memory resources.

5.5CVSS5.3AI score0.00061EPSS

CVE•added 2023/06/08 12:15 p.m.•34 views

CVE-2023-33658

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.

7.5CVSS7.5AI score0.00093EPSS

CVE•added 2023/06/06 12:15 p.m.•28 views

CVE-2023-33659

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.

7.5CVSS7.5AI score0.00113EPSS