Unrated severity · NVD Advisory · Published Sep 19, 2019 · Updated Aug 4, 2024
CVE-2019-11779
Description
In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur.
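A defensive check for the condition described above, as an added example that is not part of the advisory or of Mosquitto's code: it parses a SUBSCRIBE packet and reports topic filters whose hierarchy depth exceeds a limit. The 128-level limit, the function names and the two sample packets are assumptions constructed for illustration.

```python
import struct

MAX_LEVELS = 128  # assumed policy limit, not a value from the advisory
# Constructed MQTT 3.1.1 SUBSCRIBE packets (sample data, not captured traffic).
SAMPLE_OK = b"\x82\x13\x00\x01\x00\x0esensors/+/temp\x00"
SAMPLE_DEEP = b"\x82\xcd\x01\x00\x02\x00\xc8" + b"/" * 200 + b"\x00"


def _varint(buf, pos):
    """Decode an MQTT variable-byte integer; return (value, next_pos)."""
    value = 0
    for shift in range(0, 28, 7):
        if pos >= len(buf):
            raise ValueError("truncated variable-byte integer")
        value |= (buf[pos] & 0x7F) << shift
        pos += 1
        if not buf[pos - 1] & 0x80:
            return value, pos
    raise ValueError("variable-byte integer longer than 4 bytes")


def subscribe_filters(packet, mqtt5=False):
    """Return the raw topic filters carried by one SUBSCRIBE packet."""
    if not packet or packet[0] >> 4 != 8:
        raise ValueError("not a SUBSCRIBE packet")
    remaining, pos = _varint(packet, 1)
    end = pos + remaining
    if end > len(packet):
        raise ValueError("truncated packet")
    pos += 2  # skip the packet identifier
    if mqtt5:  # MQTT 5 places a properties block before the payload
        prop_len, pos = _varint(packet, pos)
        pos += prop_len
    filters = []
    while pos < end:
        if pos + 2 > end:
            raise ValueError("truncated filter length")
        (flen,) = struct.unpack_from(">H", packet, pos)
        if pos + 2 + flen + 1 > end:
            raise ValueError("topic filter overruns packet")
        filters.append(packet[pos + 2:pos + 2 + flen])
        pos += 2 + flen + 1  # length prefix, filter, options/QoS byte
    return filters


def deep_filters(packet, max_levels=MAX_LEVELS, mqtt5=False):
    """Return (levels, byte_length) for each filter deeper than max_levels."""
    sizes = [(f.count(b"/") + 1, len(f)) for f in subscribe_filters(packet, mqtt5)]
    return [s for s in sizes if s[0] > max_levels]
```

`deep_filters` returns an empty list for ordinary subscriptions, so any non-empty result can be logged or used to drop the packet before it reaches a broker in the affected version range.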
Affected products
- osv-coords (2 versions): pkg:rpm/opensuse/mosquitto&distro=openSUSE%20Leap%2015.1, pkg:rpm/suse/mosquitto&distro=SUSE%20Package%20Hub%2015%20SP1; range: < 1.5.7-lp151.2.3.1 (+ 1 more)
- (no CPE) range: < 1.5.7-lp151.2.3.1
- (no CPE) range: < 1.5.7-bp151.3.3.1
References
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00077.html (mitre, vendor-advisory, x_refsource_SUSE)
- lists.opensuse.org/opensuse-security-announce/2019-10/msg00008.html (mitre, vendor-advisory, x_refsource_SUSE)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4WMHIM64Q35NGTR6R3ILZUL4MA4ANB5/ (mitre, vendor-advisory, x_refsource_FEDORA)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFWQBNFTAVHPUYNGYO2TCPF5PCSWC2Z7/ (mitre, vendor-advisory, x_refsource_FEDORA)
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JWNVTFA2CKXERXRYPYE2YFTZP4GNBGYY/ (mitre, vendor-advisory, x_refsource_FEDORA)
- usn.ubuntu.com/4137-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- www.debian.org/security/2019/dsa-4570 (mitre, vendor-advisory, x_refsource_DEBIAN)
- bugs.eclipse.org/bugs/show_bug.cgi (mitre, x_refsource_CONFIRM)
- lists.debian.org/debian-lts-announce/2019/10/msg00035.html (mitre, mailing-list, x_refsource_MLIST)
- seclists.org/bugtraq/2019/Nov/25 (mitre, mailing-list, x_refsource_BUGTRAQ)