CNNVD-202507-2047 Information

CNNVD ID

CNNVD-202507-2047

Related CVE

CVE-2024-42650

• CNNVD Published: 2025-07-15

Description (Chinese)

NanoMQ是美国EMQ开源的一款用于物联网边缘平台的轻量级快速 MQTT Broker。 NanoMQ 0.17.5版本存在安全漏洞，该漏洞源于组件/nanomq/pub_handler.c存在分段错误，可能导致拒绝服务攻击。

Description (English)

NanoMQ is a lightweight fast MQTT Broker for the EEMQ open source in the United States of America. There is a security loophole in version NanoMQ 0.17.5, which stems from a sub-section error in the component/nanomq/pub handler.c, which may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

EMQX

Published

2025-07-15

Last Modified

2026-02-24

References

https://github.com/nanomq/nanomq https://github.com/nanomq/nanomq/pull/1170 https://github.com/emqx/nanomq/issues/1168 https://nvd.nist.gov/vuln/detail/CVE-2024-42650 https://access.redhat.com/security/cve/cve-2024-42650

Patch

https://github.com/nanomq/nanomq/releases