« List of all CVEs

CVE-2019-11779

Published: 9/19/2019 Last updated: 8/4/2024 Reserved: 5/6/2019

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur.

CNA assigner: eclipse (e51fbebd-6053-4e49-959f-1b94eeb69a2c) Requested by: n/a

Opam packages affected (1)

conf-libmosquitto

Products affected (1)

Product Vendor Version
Eclipse Mosquitto The Eclipse Foundation 1.0

References (20)