CVE-2024-8376
11.10.2024, 16:15
In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.Enginsight
| Vendor | Product | Version |
|---|---|---|
| eclipse | mosquitto | 𝑥 < 2.0.19 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References