In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.
References
Link | Resource |
---|---|
https://mosquitto.org/blog/2023/08/version-2-0-16-released/ | Release Notes |
https://security.gentoo.org/glsa/202401-09 |
Configurations
History
07 Jan 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Oct 2023, 17:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:* | |
First Time |
Eclipse mosquitto
Eclipse |
|
References | (MISC) https://mosquitto.org/blog/2023/08/version-2-0-16-released/ - Release Notes | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-401 |
02 Oct 2023, 20:26
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-02 20:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-3592
Mitre link : CVE-2023-3592
CVE.ORG link : CVE-2023-3592
JSON object : View
Products Affected
eclipse
- mosquitto
CWE
CWE-401
Missing Release of Memory after Effective Lifetime