Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-72qw-2vp3-gvg9

Опубликовано: 11 окт. 2024
Источник: github
Github: Не прошло ревью
CVSS4: 7.2
CVSS3: 7.5

Описание

In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.

In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.

Ссылки

EPSS

Процентиль: 55%
0.00321
Низкий

7.2 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2024-8376

Дефекты

CWE-401

Связанные уязвимости

ubuntu логотип

CVE-2024-8376

CVSS3: 7.5
ubuntu
9 месяцев назад

In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.

redhat логотип

CVE-2024-8376

CVSS3: 7.5
redhat
9 месяцев назад

In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.

nvd логотип

CVE-2024-8376

CVSS3: 7.5
nvd
9 месяцев назад

In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.

debian логотип

CVE-2024-8376

CVSS3: 7.5
debian
9 месяцев назад

In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve me ...

redos логотип

ROS-20241017-02

CVSS3: 8.3
redos
8 месяцев назад

Уязвимость mosquitto

EPSS

Процентиль: 55%
0.00321
Низкий

7.2 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2024-8376

Дефекты

CWE-401