CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44459
https://notcve.org/view.php?id=CVE-2024-44459
12 Sep 2024 — A memory allocation issue in vernemq v2.0.1 allows attackers to cause a Denial of Service (DoS) via excessive memory consumption. • https://github.com/zzh-newlearner/MQTT_Crash/blob/main/Vernemq_crash.md • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33176
https://notcve.org/view.php?id=CVE-2021-33176
08 Jun 2021 — VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by the operating system. VerneMQ MQTT Broker versiones anteriores a 1.12.0, son vulnerables a un ataque de denegación de servicio como resultado del consumo excesivo de memoria debido al manejo de entradas no confiabl... • https://www.synopsys.com/blogs/software-security/cyrc-advisory-rabbitmq-emqx-vernemq • CWE-502: Deserialization of Untrusted Data CWE-770: Allocation of Resources Without Limits or Throttling •