2 matches found
USN-7441-1 mosquitto vulnerabilities
It was discovered that Eclipse Mosquitto client incorrectly handled memory when receiving a SUBACK packet. An attacker with a malicious broker could possibly use this issue to execute arbitrary code or cause a denial of service. CVE-2024-10525 Xiangpu Song discovered that Eclipse Mosquitto broker...
OESA-2024-2344 mosquitto security update
Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...