Description
An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream.
Remediation
References
https://cwe.mitre.org/data/definitions/248.html
https://github.com/moscajs/aedes/pull/493
https://payatu.com/advisory/dos-in-aedes-mqtt-broker
Related Vulnerabilities
CVE-2022-39248 Vulnerability in maven package org.matrix.android:matrix-android-sdk2
CVE-2016-10531 Vulnerability in maven package org.webjars:marked
CVE-2023-46494 Vulnerability in npm package @evershop/evershop
CVE-2020-26939 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk15to18
CVE-2020-28452 Vulnerability in maven package com.softwaremill.akka-http-session:core_2.12