Lucene search
HistoryOct 02, 2023 - 8:15 p.m.
CVE-2023-3592
mosquitto
memory leak
connect packets
v5
cve-2023-3592
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.4%
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.
Affected configurations
Node
eclipsemosquittoRange<2.0.16
Related
osv
osv
CVE-2023-3592
2023-10-02 20:15:10
mosquitto - security update
2023-10-01 00:00:00
mosquitto vulnerabilities
2023-11-21 15:23:51
cvelist
cvelist
CVE-2023-3592
2023-10-02 19:01:54
prion
prion
Memory corruption
2023-10-02 20:15:00
alpinelinux
alpinelinux
CVE-2023-3592
2023-10-02 20:15:10
debiancve
debiancve
CVE-2023-3592
2023-10-02 20:15:10
redhatcve
redhatcve
CVE-2023-3592
2023-12-12 21:54:32
veracode
veracode
Denial Of Service (DoS)
2023-08-24 19:16:33
ubuntucve
ubuntucve
CVE-2023-3592
2023-10-02 00:00:00
cve
cve
CVE-2023-3592
2023-10-02 20:15:10
redos
redos
ROS-20240527-02
2024-05-27 00:00:00
openvas
openvas
Fedora: Security Advisory for libwebsockets (FEDORA-2023-6a87c003c4)
2023-09-02 00:00:00
Fedora: Security Advisory for mosquitto (FEDORA-2023-9adc4be8b0)
2023-09-16 00:00:00
Fedora: Security Advisory for mosquitto (FEDORA-2023-e7ed15ab9e)
2023-09-02 00:00:00
gentoo
gentoo
Eclipse Mosquitto: Multiple Vulnerabilities
2024-01-07 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: mosquitto-2.0.17-1.fc38
2023-09-01 01:30:04
[SECURITY] Fedora 38 Update: libwebsockets-4.3.2-5.fc38
2023-09-01 01:30:03
[SECURITY] Fedora 37 Update: mosquitto-2.0.17-1.fc37
2023-09-01 01:29:51
nessus
nessus
Fedora 38 : libwebsockets / mosquitto (2023-6a87c003c4)
2023-09-01 00:00:00
Fedora 39 : mosquitto (2023-9adc4be8b0)
2023-11-07 00:00:00
GLSA-202401-09 : Eclipse Mosquitto: Multiple Vulnerabilities
2024-01-09 00:00:00
ibm
ibm
debian
debian
[SECURITY] [DSA 5511-1] mosquitto security update
2023-10-01 19:39:12
redhat
redhat
(RHSA-2024:1061) Moderate: Red Hat Satellite 6 security and bug fix update
2024-02-29 20:30:29
(RHSA-2024:0797) Important: Satellite 6.14.2 Async Security Update
2024-02-13 14:38:17
ubuntu
ubuntu
Mosquitto vulnerabilities
2023-11-21 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.4%
Related for NVD:CVE-2023-3592