Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Nanomq
(Emqx)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-06-08 | CVE-2023-33660 | A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack. | Nanomq | 7.5 | ||
| 2023-06-08 | CVE-2023-33657 | A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack. | Nanomq | 7.5 | ||
| 2023-06-12 | CVE-2023-34488 | NanoMQ 0.17.5 is vulnerable to heap-buffer-overflow in the conn_handler function of mqtt_parser.c when it processes malformed messages. | Nanomq | 7.8 | ||
| 2023-06-12 | CVE-2023-34494 | NanoMQ 0.16.5 is vulnerable to heap-use-after-free in the nano_ctx_send function of nmq_mqtt.c. | Nanomq | 7.5 | ||
| 2024-09-12 | CVE-2024-44460 | An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS). | Nanomq | 7.5 |