Eclipse: >> Wakaama Security Vulnerabilities
In Eclipse Wakaama, ever since its inception until 2021-01-14, the CoAP parsing code does not properly sanitize network-received data.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-02-01
In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking (wasting) 24 bytes of memory. This can lead to termination of the LWM2M server after exhausting all available memory.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-02-22