logo

Database

Asymmetric denial of service In mqtt

Description

Denial of Service in mqtt Affected versions of mqtt will cause the node process to crash when receiving specially crafted MQTT packets, making the application vulnerable to a denial of service condition.

Recommendation

Update to v1.0.0 or later

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2016-10002422. NVD-2016-10002423. OSV-2016-10002424. GCVE-2016-1000242

References

1. https://github.com/mqttjs/MQTT.js/blob/388a084d7803934b18b43c1146c817deaa1396b1/lib/parse.js#L2302. https://www.npmjs.com/advisories/140

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.