2 matches found
MGASA-2021-0349 Updated mosquitto packages fix security vulnerability
Updated mosquitto packages fix security vulnerability: If an authenticated client connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur. For other fixes in this update, see the mosquitto.org blog reference...
MGASA-2019-0345 Updated mosquitto packages fix security vulnerability
Updated mosquitto packages fix security vulnerability: A vulnerability was discovered in mosquitto, allowing a malicious MQTT client to cause a denial of service stack overflow and daemon crash, by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy...