VDB
GO-2025-4173
GO-2025-4173
PUBLISHED
Eclipse Paho Go MQTT may incorrectly encode strings if length exceeds 65535 bytes in github.com/eclipse/paho.mqtt.golang
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | eclipse/paho.mqtt.golang | 0, 0 |
Timeline
- Dec 15, 2025 CVE Published
- Feb 4, 2026 CVE Updated
References
- https://github.com/advisories/GHSA-32fw-gq77-f2f2 advisory
- https://github.com/alpinelinux/build-server-status/commit/e3487897db32c8c3d0287643f8384a6669e93731 url
- https://github.com/eclipse-paho/paho.mqtt.golang/issues/730 url
- https://github.com/eclipse-paho/paho.mqtt.golang/pull/714 url
- https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/254 url