CVE-2023-3592

Summary

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.

Affected Software

VendorProductVersion RangeStatus
EclipseMosquitto0 < 2.0.16affected

Weaknesses

  • CWE-401: CWE-401 Missing Release of Memory after Effective Lifetime

ADP Enrichment

CVE Program Container

Additional References

References