CVE-2024-42649
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-14
Last updated on: 2025-07-16
Assigner: MITRE
Description
Description
NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| emqx | nanomq | 0.22.10 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
NanoMQ version 0.22.10 contains a memory leak vulnerability that allows attackers to cause a Denial of Service (DoS) by sending a specially crafted PUBLISH message to the broker.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an attacker to cause a Denial of Service (DoS) on the NanoMQ broker, potentially disrupting MQTT messaging services and affecting the availability of IoT or other systems relying on NanoMQ for communication.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70