CNNVD-202511-2651 Information

CNNVD ID

CNNVD-202511-2651

Related CVE

CVE-2025-65503

• CNNVD Published: 2025-11-24

Description (Chinese)

async_mqtt是Takatoshi Kondo个人开发者的一个MQTT协议库。 async_mqtt 10.2.5版本存在安全漏洞，该漏洞源于端点析构函数中存在释放后重用问题，可能导致拒绝服务攻击。

Description (English)

Async mqtt is a MQTT protocol library of Takatoshi Kondo personal developers. Async mqtt10.2.5 has a security loophole, which stems from a post-release reuse problem in the endpoint analysis function, which may lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-24

Last Modified

2026-02-24

References

https://github.com/redboltz/async_mqtt/issues/436 https://github.com/redboltz/async_mqtt/pull/437 https://access.redhat.com/security/cve/cve-2025-65503

Patch

https://github.com/redboltz/async_mqtt/releases