Vulnerabilities > Eclipse > Hono > 1.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-14 | CVE-2020-27220 | Missing Authorization vulnerability in Eclipse Hono The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. | 9.0 |
| 2020-11-13 | CVE-2020-27217 | Unspecified vulnerability in Eclipse Hono 1.3.0/1.4.0 In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. | 5.0 |