Security Advisory

CVE-2024-35512

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-29 16:55:34

Last updated 2026-04-16 14:39:03

Assigner mitre

State PUBLISHED

Description

hmq v1.5.5 is vulnerable to Denial of Service (DoS) due to a Null Pointer Exception. A remote attacker can trigger a broker crash by sending a specially crafted MQTT UNSUBSCRIBE packet with an illegal control character Topic. The failure to properly validate this field leads to a null pointer dereference, resulting in the immediate termination of the hmq process.

← Browse all CVEs View on cve.org ↗