FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
cc553d79-e1f0-4b94-89f2-bacad42ee826mosquitto -- NULL pointer dereference

Roger Light reports:

If an authenticated client connected with MQTT v5 sent a malformed CONNACK message to the broker a NULL pointer dereference occurred, most likely resulting in a segfault.

(Note: a CVE is referenced in the github commit but it appears to be for a python-bleach vulnerability so it is not included here.)


Discovery 2021-04-10
Entry 2021-07-24
mosquitto
ge 2.0.0 lt 2.0.10

https://github.com/eclipse/mosquitto/blob/d5ecd9f5aa98d42e7549eea09a71a23eef241f31/ChangeLog.txt