Discovery API Icon
Discovery API
Security Advisory Icon
Security Advisory
Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2023-0809

Published: August 31, 2023Last modified: August 31, 2023

Description

Excessive memory being allocated based on malicious initial packets that are not CONNECT packets.

Severity score breakdown

ParameterValue
Base score5.3
Attack VectorNETWORK
Attack complexityLOW
Privileges requiredNONE
User interactionNONE
ScopeUNCHANGED
ConfidentialityNONE
Integrity impactNONE
Availability impactLOW
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Notes

https://mosquitto.org/blog/2023/08/version-2-0-16-released/

Status

ProductReleasePackageStatus
Alpaquita LinuxStreammosquittoNot affected (2.0.17-r0)

References

ON THIS PAGE