Wolfmqtt Security Vulnerabilities and Issues — Wolfmqtt CVE List

WolfsslWolfmqtt

7 matches found

CVE•added 2021/12/31 11:58 p.m.•37 views

CVE-2021-45932

CVE-2021-45932 affects wolfSSL wolfMQTT 1.9. A heap-based buffer overflow of 4 bytes occurs in MqttDecode_Publish (invoked via MqttClient_DecodePacket and MqttClient_HandlePacket). Reported impact per NVD indicates partial availability impact; exploitation status is not documented in the provided...

5.5CVSS5.7AI score0.0021EPSS

CVE•added 2021/12/31 11:57 p.m.•35 views

CVE-2021-45938

CVE-2021-45938 affects wolfSSL wolfMQTT 1.9. The issue is a heap-based buffer overflow in MqttClient_DecodePacket, triggered via MqttClient_WaitType and MqttClient_Unsubscribe. Root cause described as failure to properly determine memory boundaries. No remediation details are provided in the conn...

5.5CVSS5.8AI score0.0021EPSS

CVE•added 2021/12/31 11:57 p.m.•33 views

CVE-2021-45939

The CVE-2021-45939 entry concerns wolfSSL wolfMQTT 1.9, where a heap-based buffer overflow occurs in MqttClient_DecodePacket (triggered by MqttClient_WaitType and MqttClient_Subscribe). The connected documents confirm the affected component and the root cause (memory boundary mismanagement leadin...

5.5CVSS5.8AI score0.0021EPSS

CVE•added 2021/12/31 11:58 p.m.•32 views

CVE-2021-45933

The vulnerability CVE-2021-45933 affects wolfSSL wolfMQTT 1.9. A heap-based buffer overflow (8 bytes) occurs in MqttDecode_Publish, called from MqttClient_DecodePacket and MqttClient_HandlePacket. The root cause is improper memory boundary handling in that function. The impact is not elaborated b...

5.5CVSS5.7AI score0.0021EPSS

CVE•added 2021/12/31 11:58 p.m.•32 views

CVE-2021-45934

The CVE-2021-45934 entry concerns wolfSSL wolfMQTT 1.9 and a heap-based buffer overflow in MqttClient_DecodePacket (invoked by MqttClient_HandlePacket and MqttClient_WaitType). The issue is rooted in how packets are decoded, potentially enabling an overflow condition when handling MQTT packets. C...

5.5CVSS5.8AI score0.0021EPSS

CVE•added 2021/12/31 11:57 p.m.•31 views

CVE-2021-45936

CVE-2021-45936 affects wolfSSL wolfMQTT 1.9. The vulnerability is a heap-based buffer overflow in MqttDecode_Disconnect, invoked from MqttClient_DecodePacket and MqttClient_WaitType. Affected component is wolfMQTT’s MQTT decoding path; exploitation could lead to memory corruption. The NVD entry l...

5.5CVSS5.8AI score0.0021EPSS

CVE•added 2021/12/31 11:57 p.m.•29 views

CVE-2021-45937

wolfSSL wolfMQTT 1.9 is affected by a heap-based buffer overflow in MqttClient_DecodePacket, invoked from MqttClient_WaitType and MqttClient_Connect. The vulnerability is described across multiple sources (CVE-2021-45937) with root cause in memory boundary checks during decoding; impact includes ...

5.5CVSS5.8AI score0.0021EPSS