USN-6492-1
Vulnerability Summary
Timeline
Description
mosquitto vulnerabilities Kathrin Kleinhammer discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-34431) Zhanxiang Song discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause an authorisation bypass. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2021-34434) Zhanxiang Song, Bin Yuan, DeQing Zou, and Hai Jin discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2021-41039) Zhengjie Du discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-0809) It was discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-3592) Mischa Bachmann discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue was only fixed in Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-28366)
Affected Systems
- ubuntu•mosquitto
< 1.6.9-1ubuntu0.1~esm1 | < 2.0.11-1ubuntu1.1