CVE-2017-7654

Summary

In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker.

Affected Software

VendorProductVersion RangeStatus
The Eclipse FoundationEclipse Mosquittounspecified <= 1.4.15affected

Weaknesses

  • CWE-401: CWE-401: Improper Release of Memory Before Removing Last Reference

ADP Enrichment

CVE Program Container

Additional References

References