cvedb.io
CVE-2019-5432
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2019-05-06T17:29:00.543 · Last modified 2026-06-17T02:37:40.693

Summary

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions < 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding.

Affected products

mqtt-packet_project — mqtt-packet

Does this affect you?

Add your gear to cvedb and we'll alert you only when mqtt-packet_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.