OSV-2021-1568

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/wolfmqtt/OSV-2021-1568.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2021-1568
Published
2021-11-12T00:00:42.998549Z
Modified
2022-04-13T03:04:34.027054Z
Summary
Heap-use-after-free in MqttDecode_Props
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40904

Crash type: Heap-use-after-free READ 1
Crash state:
MqttDecode_Props
MqttDecode_Disconnect
MqttClient_DecodePacket
References

Affected packages

OSS-Fuzz / wolfmqtt

Package

Name
wolfmqtt
Purl
pkg:generic/wolfmqtt

Affected ranges

Type
GIT
Repo
https://github.com/wolfSSL/wolfMQTT.git
Events

Affected versions

v1.*

v1.10.0
v1.11.0

Ecosystem specific

{
    "severity": "HIGH"
}

Database specific

{
    "fixed_range": "9ca8696699cda17ad32ecb2cf22e2cd9ca5e47ab:147aa20720112bb8d3c814c6a3cfa95837df4256"
}