Debian Linux Security Advisory 4570-1 - A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service (stack overflow and daemon crash), by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy.
d986565ac146d4431943d6e5b0086d43adfc651090b5a543d16d25256ca53920
Ubuntu Security Notice 4137-1 - It was discovered that Mosquitto incorrectly handled certain specially crafted input and network packets. A remote attacker could use this to cause a denial of service.
5250bcb1182c1d0d33e030bdfda7fd67002a5b72a774c61452d8e1ded0b73155