漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Eclipse Mosquito: Double free vulnerability
Vulnerability Description
In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the broker a double free will occur with a subsequent crash of the broker.
CVSS Information
N/A
Vulnerability Type
双重释放
Vulnerability Title
Eclipse Mosquitto 安全漏洞
Vulnerability Description
Eclipse Mosquitto是Eclipse基金会的一套开源的消息代理软件。 Eclipse Mosquitto 2.0.0至2.0.18版本存在安全漏洞,该漏洞源于如果Mosquitto代理设置了传出桥接,并且该桥接对传入主题进行了重新映射,当远程连接发送特定构造的PUBLISH数据包时,可能会导致双重释放问题,进而使代理崩溃。
CVSS Information
N/A
Vulnerability Type
N/A