CVE-2024-10525 - Eclipse Mosquitto Out-of-Bounds Memory Access Vulnerability

3 weeks ago 10
ARTICLE AD BOX
CVE ID : CVE-2024-10525
Published : Oct. 30, 2024, 12:15 p.m. | 24 minutes ago
Description : In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article