Описание
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 2.0.18-1 |
| esm-apps/bionic | not-affected | code-not-present |
| esm-apps/focal | released | 1.6.9-1ubuntu0.1~esm1 |
| esm-apps/jammy | released | 2.0.11-1ubuntu1.1 |
| esm-apps/noble | not-affected | 2.0.18-1 |
| esm-apps/xenial | not-affected | code-not-present |
| esm-infra-legacy/trusty | not-affected | code-not-present |
| focal | ignored | end of standard support, was needed |
| jammy | released | 2.0.11-1ubuntu1.1 |
Показывать по
EPSS
5.8 Medium
CVSS3
Связанные уязвимости
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
In Mosquitto before 2.0.16, excessive memory is allocated based on mal ...
In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.
Уязвимость компонента CONNECT брокера сообщений Eclipse Mosquitto, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.8 Medium
CVSS3