Описание
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.
Ссылки
- Product
- Exploit
- Patch
- Product
- Exploit
- Patch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:emqx:nanomq:0.17.2:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00093
Низкий
7.5 High
CVSS3
Дефекты
CWE-787
CWE-787
Связанные уязвимости
CVSS3: 7.5
github
больше 2 лет назад
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.
EPSS
Процентиль: 27%
0.00093
Низкий
7.5 High
CVSS3
Дефекты
CWE-787
CWE-787