Bugs fixes in "mosquitto"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2023-28366 | The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages | 2023-11-21 |
| CVE | CVE-2023-0809 | In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. | 2023-11-21 |
| CVE | CVE-2021-41039 | In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CP | 2023-11-21 |
| CVE | CVE-2021-34434 | In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is | 2023-11-21 |
| CVE | CVE-2023-28366 | The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages | 2023-11-21 |
| CVE | CVE-2023-0809 | In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. | 2023-11-21 |
| CVE | CVE-2021-41039 | In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CP | 2023-11-21 |
| CVE | CVE-2021-34434 | In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is | 2023-11-21 |
| CVE | CVE-2017-7654 | In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted | 2019-06-20 |
| CVE | CVE-2017-7653 | The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. A malicious client could cause other clients that | 2019-06-20 |
| CVE | CVE-2017-7654 | In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted | 2019-06-20 |
| CVE | CVE-2017-7653 | The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. A malicious client could cause other clients that | 2019-06-20 |
| CVE | CVE-2017-7654 | In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted | 2019-06-20 |
| CVE | CVE-2017-7653 | The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. A malicious client could cause other clients that | 2019-06-20 |
| CVE | CVE-2017-7654 | In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted | 2019-06-20 |
| CVE | CVE-2017-7653 | The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. A malicious client could cause other clients that | 2019-06-20 |
| CVE | CVE-2017-7652 | In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the confi | 2018-09-06 |
| CVE | CVE-2017-7652 | In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the confi | 2018-09-06 |
| Launchpad | 1752591 | CVE-2017-7651 and CVE-2017-7652 | 2018-03-16 |
| Launchpad | 1752591 | CVE-2017-7651 and CVE-2017-7652 | 2018-03-16 |
About
-
Send Feedback to @ubuntu_updates
