FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-19 12:13:07 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
cc553d79-e1f0-4b94-89f2-bacad42ee826	mosquitto -- NULL pointer dereference Roger Light reports: If an authenticated client connected with MQTT v5 sent a malformed CONNACK message to the broker a NULL pointer dereference occurred, most likely resulting in a segfault. (Note: a CVE is referenced in the github commit but it appears to be for a python-bleach vulnerability so it is not included here.) Discovery 2021-04-10 Entry 2021-07-24 mosquitto >= 2.0.0 lt 2.0.10 https://github.com/eclipse/mosquitto/blob/d5ecd9f5aa98d42e7549eea09a71a23eef241f31/ChangeLog.txt

VuXML ID

Description

cc553d79-e1f0-4b94-89f2-bacad42ee826

mosquitto -- NULL pointer dereference

Roger Light reports:

If an authenticated client connected with MQTT v5 sent a malformed CONNACK message to the broker a NULL pointer dereference occurred, most likely resulting in a segfault.

(Note: a CVE is referenced in the github commit but it appears to be for a python-bleach vulnerability so it is not included here.)

Discovery 2021-04-10
Entry 2021-07-24
mosquitto

>= 2.0.0 lt 2.0.10

https://github.com/eclipse/mosquitto/blob/d5ecd9f5aa98d42e7549eea09a71a23eef241f31/ChangeLog.txt