{"id":"GO-2025-4173","summary":"Eclipse Paho Go MQTT may incorrectly encode strings if length exceeds 65535 bytes in github.com/eclipse/paho.mqtt.golang","details":"Eclipse Paho Go MQTT may incorrectly encode strings if length exceeds 65535 bytes in github.com/eclipse/paho.mqtt.golang","aliases":["CVE-2025-10543","GHSA-32fw-gq77-f2f2"],"modified":"2026-03-17T05:01:22.269595Z","published":"2025-12-15T20:37:41Z","related":["CGA-6xhp-c56v-grvf"],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2025-4173","review_status":"REVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-32fw-gq77-f2f2"},{"type":"WEB","url":"https://github.com/alpinelinux/build-server-status/commit/e3487897db32c8c3d0287643f8384a6669e93731"},{"type":"WEB","url":"https://github.com/eclipse-paho/paho.mqtt.golang/issues/730"},{"type":"WEB","url":"https://github.com/eclipse-paho/paho.mqtt.golang/pull/714"},{"type":"WEB","url":"https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/254"}],"affected":[{"package":{"name":"github.com/eclipse/paho.mqtt.golang","ecosystem":"Go","purl":"pkg:golang/github.com/eclipse/paho.mqtt.golang"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.5.1"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2025-4173.json"}}],"schema_version":"1.7.5"}