CVE-2023-33657

Published: Jun 8, 2023

Modified: Jan 6, 2025

PUBLISHED

Description

A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/emqx/nanomq

https://github.com/emqx/nanomq/issues/1165#issue-1668648319

https://github.com/emqx/nanomq/pull/1187

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-33657

Description

Affected Products

References