CVE-2025-65503
Published
CVSS v3
5.5
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between io_context and endpoint objects.
I/O independent (also known as Sans-I/O) MQTT protocol library for C++17. Asynchronous MQTT communication library using the MQTT protocol library and Boost.Asio.
GitHub