Описание
Denial of Service in mqtt-packet
Versions of mqtt-packet prior to 3.4.6, or 4.x prior to 4.0.5 are affected by a denial of service vulnerability wherein specific sequences of MQTT packets can crash the application.
Recommendation
Version 3.x: Update to version 3.4.6 or later. Version 4.x: Update to version 4.0.5 or later.
Пакеты
mqtt-packet
< 3.4.6
3.4.6
mqtt-packet
>= 4.0.0, < 4.0.5
4.0.5
Связанные уязвимости
MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.
MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted MQTT packets to crash the application, making a DoS attack feasible with very little bandwidth.
MQTT before 3.4.6 and 4.0.x before 4.0.5 allows specifically crafted M ...