VYPR
Medium severity6.5NVD Advisory· Published Dec 28, 2017· Updated Jun 17, 2026

CVE-2017-10910

CVE-2017-10910

Description

MQTT.js 2.x.x prior to 2.15.0 issue in handling PUBLISH tickets may lead to an attacker causing a denial-of-service condition.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
mqttnpm
>= 2.0.0, < 2.15.02.15.0

Affected products

3
  • cpe:2.3:a:mqtt.js_project:mqtt.js:*:*:*:*:*:node.js:*:*
    Range: >=2.0.0,<2.15.0
  • ghsa-coords
    Range: >= 2.0.0, < 2.15.0
  • MQTT.js./MQTT.jsv5
    Range: 2.x.x prior to 2.15.0

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.