Denial Of Service (DoS)

2018-06-0602:30:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.005 Low

EPSS

Percentile

77.1%

JSON

mosquitto is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to the lack of checks on invalid UTF-8 characters in the topic strings, causing a broker to disconnect when parsing invalid strings.

CPENameOperatorVersion
mosquittoeq1.4.8
mosquitto:xenialeq1.4.8

CPE	Name	Operator	Version
	mosquitto	eq	1.4.8
	mosquitto:xenial	eq	1.4.8

References

bugs.eclipse.org/bugs/show_bug.cgi?id=532113

github.com/eclipse/mosquitto/commit/b11855821e5848fdbb6f66b609b2e1c25c7ddb8a

0.005 Low

EPSS

Percentile

77.1%

JSON

Related for VERACODE:6570