8 matches found
Security Bulletin: IBM App Connect Enterprise and IBM Integration Bus are vulnerable to a denial of service due to Eclipse Mosquitto.
Summary The built-in MQTT pub/sub broker in IBM App Connect Enterprise and IBM Integration Bus is vulnerable to a denial of service due to Eclipse Mosquitto. CVE-2023-5632 Vulnerability Details CVEID: CVE-2023-5632 DESCRIPTION: Eclipse Mosquitto is vulnerable to a denial of service, caused by a...
OESA-2023-1774 mosquitto security update
Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...
CVE-2023-5632
A denial of service vulnerability was found in Eclipse Mosquitto. Establishing a connection to the Mosquitto server without sending data could lead to excessive CPU consumption and a denial of service...
CVE-2023-5632
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is...
BELL-CVE-2023-5632 CVE-2023-5632 does not affect BellSoft software
Bulletin has no description...
CVE-2023-5632 Unconditionally adding an event to the epoll causes excessive CPU consumption
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is...
CVE-2023-5632
Eclipse Mosquitto contains a denial-of-service issue (CVE-2023-5632): when establishing a connection to the broker without sending data, an EPOLLOUT event is added, causing excessive CPU usage. Affected versions are Mosquitto before and including 2.0.5; the issue is fixed in 2.0.6. Several feeds ...
CVE-2023-5632 Unconditionally adding an event to the epoll causes excessive CPU consumption
In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is...