Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
EclipseMosquitto

4 matches found

CVE
CVEadded 2023/10/02 7:15 p.m.161 views

CVE-2023-0809

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.

5.8CVSS6AI score0.00028EPSS
CVE
CVEadded 2023/10/02 8:15 p.m.136 views

CVE-2023-3592

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.

7.5CVSS6.4AI score0.00037EPSS
CVE
CVEadded 2023/09/01 4:15 p.m.115 views

CVE-2023-28366

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.

7.5CVSS7.1AI score0.0009EPSS
CVE
CVEadded 2023/10/18 9:15 a.m.58 views

CVE-2023-5632

In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is fixe...

7.5CVSS7.1AI score0.00091EPSS