CVE-2023-33658

Name of the Vulnerable Software and Affected Versions NanoMQ version 0.17.2

Description A heap buffer overflow issue exists, which can be triggered by calling the function nni msg get pub pid() in the file message.c. This can lead to a denial of service attack.

Recommendations For NanoMQ version 0.17.2, consider disabling the nni msg get pub pid() function as a temporary workaround until a patch is available. Restrict access to the message.c file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.