NA

CVE-2021-22945

Vulnerability Summary

A use-after-free security issue has been found in the MQTT sending component of curl prior to 7.79.0. When sending data to an MQTT server, libcurl could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vendor Advisories

A use-after-free security issue has been found in the MQTT sending component of curl before 7790 When sending data to an MQTT server, libcurl could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again ...

Mailing Lists

UAF and double-free in MQTT sending =================================== Project curl Security Advisory, September 15th 2021 - [Permalink](curlse/docs/CVE-2021-22945html) VULNERABILITY ------------- When sending data to an MQTT server, libcurl could in some circumstances erroneously keep a pointer to an already freed memory area and bot ...