Description
An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream.
Remediation
References
https://github.com/moscajs/aedes/pull/493
https://payatu.com/advisory/dos-in-aedes-mqtt-broker
https://cwe.mitre.org/data/definitions/248.html
Related Vulnerabilities
CVE-2022-25979 Vulnerability in npm package jsuites
CVE-2021-39176 Vulnerability in npm package detect-character-encoding
CVE-2021-41248 Vulnerability in npm package graphiql
CVE-2020-16024 Vulnerability in npm package electron
CVE-2020-17518 Vulnerability in maven package org.apache.flink:flink-runtime_2.12