emqx/neuron

emqx/neuron

Releases164

Frequency1 week 3 days

Last Release 2 days ago

Stars1.35K

Open source industrial connectivity server

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-10964 ↗	Nov 7, 2024Thursday, 7 November 2024, 17:15	6.3 MEDIUM	6.5 MEDIUM
A vulnerability classified as critical has been found in emqx neuron up to 2.10.0. Affected is the function handle_add_plugin in the library cmd.library of the file plugins/restful/plugin_handle.c. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
CVE-2024-10965 ↗	Nov 7, 2024Thursday, 7 November 2024, 17:15	4.3 MEDIUM	4 MEDIUM
A vulnerability classified as problematic was found in emqx neuron up to 2.10.0. Affected by this vulnerability is an unknown functionality of the file /api/v2/schema of the component JSON File Handler. The manipulation leads to information disclosure. The attack can be launched remotely. The patch is named c9ce39747e0372aaa2157b2b56174914a12c06d8. It is recommended to apply a patch to fix this issue.