CNNVD-202507-3608 Information
CNNVD ID
CNNVD-202507-3608
Related CVE
- CNNVD Published: 2025-07-29
Description (Chinese)
FlashMQ是Wiebe Cazemier个人开发者的个快速轻量级的MQTT代理服务器。 FlashMQ 1.14.0版本存在安全漏洞,该漏洞源于PublishCopyFactory::getNewPublish函数中的断言失败,当发布对象的QoS值大于0时触发。
Description (English)
FlashMQ is a fast and lightweight MQTT proxy server for Wiebe Cazemier personal developers. Version 1.14.0 of FlashMQ has a security loophole, which originates from the failure of the assertion in the PublishCopyFactory::getNewPublish function and is triggered when the QoS value of the published object is greater than 0.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-07-29
Last Modified
2026-02-24
References
https://www.flashmq.org/2024/06/17/flashmq-1-15-1-released/ https://github.com/songxpu/bug_report/blob/master/MQTT/FlashMQ/cve-2024-42644.md https://github.com/halfgaar/FlashMQ https://access.redhat.com/security/cve/cve-2024-42644
Patch
https://github.com/halfgaar/FlashMQ/releases
Share on: