357.json

{
  "id": 357,
  "created_at": "2018-01-02",
  "updated_at": "2018-01-02",
  "title": "Remote PUBLISH DoS",
  "author": {
    "name": "mcollina",
    "website": null,
    "username": null
  },
  "module_name": "mqtt",
  "publish_date": "2018-01-02",
  "cves": [
    "CVE-2017-10910"
  ],
  "vulnerable_versions": ">=2.0.0",
  "patched_versions": ">=2.15.0",
  "overview": "MQTT.js 2.x.x prior to 2.15.0 issue in handling PUBLISH tickets may lead to an attacker causing a denial-of-service condition.",
  "recommendation": "Update to version 2.15.0 or later.",
  "references": [
    "https://github.com/mqttjs/MQTT.js/commit/403ba53b838f2d319a0c0505a045fe00239e9923",
    "https://github.com/mqttjs/MQTT.js/releases/tag/v2.15.0",
    "https://jvn.jp/en/jp/JVN45494523/index.html"
  ],
  "cvss_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
  "cvss_score": 4.3,
  "coordinating_vendor": null
}