CVE-2023-5632

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-834
View all →

Vulnerability Description

In Eclipse Mosquito before and including 2.0.5, establishing a connection to the mosquitto server without sending data causes the EPOLLOUT event to be added, which results excessive CPU consumption. This could be used by a malicious actor to perform denial of service type attack. This issue is fixed in 2.0.6

Related Vulnerabilities

CVE-2017-11188

HIGH
CVSS:7.5(High)

The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.

CWE-8342017

CVE-2017-11409

HIGH
CVSS:7.5(High)

In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type.

CWE-8342017

CVE-2018-11813

HIGH
CVSS:7.5(High)

libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.

CWE-8342018

CVE-2018-14342

HIGH
CVSS:7.5(High)

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute...

CWE-8342018

CVE-2018-7321

HIGH
CVSS:7.5(High)

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.

CWE-8342018

CVE-2018-7323

HIGH
CVSS:7.5(High)

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing.

CWE-8342018