Vulnerabilities > Eclipse > Mosquitto > 1.4.13
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-05 | CVE-2017-7653 | Improper Input Validation vulnerability in multiple products The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. | 3.5 |
| 2018-04-25 | CVE-2017-7652 | In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. | 6.0 |
| 2018-04-24 | CVE-2017-7651 | Resource Exhaustion vulnerability in multiple products In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload. | 5.0 |