Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NanoMQ 资源管理错误漏洞
Vulnerability Description
NanoMQ是美国EMQ Technologies开源的一款用于物联网边缘平台的轻量级快速 MQTT Broker。 NanoMQ 0.17.2版本存在安全漏洞,该漏洞源于数据追踪不当,可以通过调用文件 mqtt_msg.c 中的函数 nni_mqtt_msg_get_publish_property() 来触发内存释放后重用。
CVSS Information
N/A
Vulnerability Type
N/A