Skip to main content

Paho Java Client

1 CVEs product

Monthly

CVE-2019-11777 Maven HIGH PATCH This Week

In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Paho Java Client
NVD
CVSS 3.1
7.5
EPSS
0.8%
EPSS 1% CVSS 7.5
HIGH PATCH This Week

In the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS and setting a host name verifier, the result of that verification is not checked. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Paho Java Client
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy