What the vulnerability does

01Description

In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker.

Key dates

02Disclosure timeline

June 5, 2018 CVE published
August 5, 2024 Record updated