CVE-2023-0809

Medium

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.

eclipse·CWE-789·Published 2023-10-02

CVSS

5.3

EPSS

0.01

KEV

Exploits

cve.orgen

122 chars

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.

NVDen

122 chars

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.

En Mosquitto anterior a 2.0.16, el exceso de memoria se asigna en función de paquetes iniciales maliciosos que no son paquetes CONNECT.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.1	Secondary	NVD	5.8	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L