Maven package
org.eclipse.paho/org.eclipse.paho.client.mqttv3
pkg:maven/org.eclipse.paho/org.eclipse.paho.client.mqttv3
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-11777 | — | < 1.2.1 | 1.2.1 | Sep 11, 2019 | In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorre |
- CVE-2019-11777Sep 11, 2019affected < 1.2.1fixed 1.2.1
In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. This could allow one MQTT server to impersonate another and provide the client library with incorre