pkg:Alpine/mosquitto
共 14 筆 CVEHIGH8MEDIUM6
✅ 檢查你的版本
所有已知漏洞
- HIGH8.1CVE-2018-12551When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use a password file for authentication, any malformed data in the…from 0, < 1.5.6-r0
- HIGH8.1CVE-2018-12550When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use an ACL file, and that ACL file is empty, or contains only comm…from 0, < 1.5.6-r0
- HIGH7.5CVE-2023-3592In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property ty…from 0, < 2.0.16-r0
- HIGH7.5CVE-2023-28366The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS…from 0, < 2.0.16-r0
- HIGH7.5CVE-2021-34432In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0.from 0, < 1.6.8-r1
- HIGH7.5CVE-2018-12543In Eclipse Mosquitto versions 1.5 to 1.5.2 inclusive, if a message is published to Mosquitto that has a topic starting with $, but that is…from 0, < 1.5.3-r0
- HIGH7.5CVE-2017-7652In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers…from 0, < 1.4.15-r0
- from 0, < 1.4.15-r0
- MEDIUM6.5CVE-2021-28166In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated client that had connected with MQTT v5 sent a crafted CONNACK message to t…from 0, < 2.0.10-r0
- from 0, < 1.6.3-r1
- from 0, < 1.5.6-r0
- from 0, < 1.4.12-r0
- from 0, < 1.4.13-r0
- MEDIUM5.3CVE-2023-0809In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.from 0, < 2.0.16-r0