Количество 7
Количество 7
CVE-2024-10525
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.
CVE-2024-10525
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.
CVE-2024-10525
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.
CVE-2024-10525
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a maliciou ...
GHSA-cm54-mprw-5279
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.
BDU:2024-09881
Уязвимость брокера сообщений Eclipse Mosquitto, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю получить доступ к конфиденциальной информации
ROS-20241112-07
Множественные уязвимости mosquitto
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-10525 In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients. | CVSS3: 9.8 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-10525 In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients. | CVSS3: 7.6 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-10525 In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients. | CVSS3: 9.8 | 0% Низкий | 8 месяцев назад |
| CVE-2024-10525 In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a maliciou ... | CVSS3: 9.8 | 0% Низкий | 8 месяцев назад |
| GHSA-cm54-mprw-5279 In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | BDU:2024-09881 Уязвимость брокера сообщений Eclipse Mosquitto, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю получить доступ к конфиденциальной информации | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | ROS-20241112-07 Множественные уязвимости mosquitto | CVSS3: 9.1 | 7 месяцев назад |
Уязвимостей на страницу