VYPR
Unrated severityNVD Advisory· Published Oct 11, 2024· Updated Oct 31, 2024

Memory leak

CVE-2024-8376

Description

In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: <=2.0.18a
  • Eclipse Foundation/Mosquittov5
    Range: 2.0.18

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.