Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Eclipse Mosquito: Double free vulnerability
Vulnerability Description
In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the broker a double free will occur with a subsequent crash of the broker.
CVSS Information
N/A
Vulnerability Type
双重释放
Vulnerability Title
Eclipse Mosquitto 安全漏洞
Vulnerability Description
Eclipse Mosquitto是Eclipse基金会的一套开源的消息代理软件。 Eclipse Mosquitto 2.0.0至2.0.18版本存在安全漏洞,该漏洞源于如果Mosquitto代理设置了传出桥接,并且该桥接对传入主题进行了重新映射,当远程连接发送特定构造的PUBLISH数据包时,可能会导致双重释放问题,进而使代理崩溃。
CVSS Information
N/A
Vulnerability Type
N/A