Lucene search
EclipseCVELIST:CVE-2023-0809HistoryOct 02, 2023 - 6:56 p.m.
CVE-2023-0809
2023-10-0218:56:26
CWE-789
eclipse
www.cve.org
9
mosquitto
memory allocation
vulnerability
CVSS3
5.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
28.2%
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Mosquitto",
"vendor": "Eclipse",
"versions": [
{
"lessThan": "2.0.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2023-0809
2023-10-02 18:56:26
ubuntucve
ubuntucve
CVE-2023-0809
2023-10-02 00:00:00
redhatcve
redhatcve
CVE-2023-0809
2023-12-12 21:54:32
osv
osv
CVE-2023-0809
2023-10-02 19:15:09
mosquitto - security update
2023-10-01 00:00:00
mosquitto vulnerabilities
2023-11-21 15:23:51
cve
cve
CVE-2023-0809
2023-10-02 19:15:09
debiancve
debiancve
CVE-2023-0809
2023-10-02 19:15:09
veracode
veracode
Remote Code Execution (RCE)
2023-08-23 17:16:56
nvd
nvd
CVE-2023-0809
2023-10-02 19:15:09
prion
prion
Design/Logic Flaw
2023-10-02 19:15:00
alpinelinux
alpinelinux
CVE-2023-0809
2023-10-02 19:15:09
redos
redos
ROS-20240527-02
2024-05-27 00:00:00
openvas
openvas
Fedora: Security Advisory for libwebsockets (FEDORA-2023-6a87c003c4)
2023-09-02 00:00:00
Fedora: Security Advisory (FEDORA-2023-9adc4be8b0)
2023-09-16 00:00:00
Fedora: Security Advisory for mosquitto (FEDORA-2023-6a87c003c4)
2023-09-02 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: mosquitto-2.0.17-1.fc38
2023-09-01 01:30:04
[SECURITY] Fedora 37 Update: mosquitto-2.0.17-1.fc37
2023-09-01 01:29:51
[SECURITY] Fedora 38 Update: libwebsockets-4.3.2-5.fc38
2023-09-01 01:30:03
gentoo
gentoo
Eclipse Mosquitto: Multiple Vulnerabilities
2024-01-07 00:00:00
ibm
ibm
nessus
nessus
GLSA-202401-09 : Eclipse Mosquitto: Multiple Vulnerabilities
2024-01-09 00:00:00
Fedora 37 : mosquitto (2023-e7ed15ab9e)
2023-09-01 00:00:00
Fedora 38 : libwebsockets / mosquitto (2023-6a87c003c4)
2023-09-01 00:00:00
debian
debian
[SECURITY] [DSA 5511-1] mosquitto security update
2023-10-01 19:39:12
redhat
redhat
(RHSA-2024:1061) Moderate: Red Hat Satellite 6 security and bug fix update
2024-02-29 20:30:29
(RHSA-2024:0797) Important: Satellite 6.14.2 Async Security Update
2024-02-13 14:38:17
ubuntu
ubuntu
Mosquitto vulnerabilities
2023-11-21 00:00:00
CVSS3
5.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
28.2%
Related for CVELIST:CVE-2023-0809