Vulnerabilities > Eclipse > Mosquitto > 1.4.15
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-27 | CVE-2018-12546 | Incorrect Permission Assignment for Critical Resource vulnerability in Eclipse Mosquitto In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message to a topic, then has its access to that topic revoked, the retained message will still be published to clients that subscribe to that topic in the future. | 6.5 |
| 2018-06-05 | CVE-2017-7654 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. | 7.5 |
| 2018-06-05 | CVE-2017-7653 | Improper Input Validation vulnerability in multiple products The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. | 5.3 |