CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-42651

NanoMQ v0.17.9 was discovered to contain a heap use-after-free vulnerability via the component sub_Ctx_handle. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SUBSCRIBE message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.9%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/nanomq/nanomq
https://github.com/nanomq/nanomq/issues/1217
https://github.com/songxpu/bug_report/blob/master/MQTT/NanoMQ/CVE-2024-42651.md

Products affected by CVE-2024-42651

Emqx » Nanomq » Version: 0.17.9

cpe:2.3:a:emqx:nanomq:0.17.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-42651

Products

Pricing

Contact Us