CVE-2021-34431

In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker.
References
Link Resource
https://bugs.eclipse.org/bugs/show_bug.cgi?id=573191 Mailing List Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:eclipse:mosquitto:*:*:*:*:*:*:*:*

Information

Published : 2021-07-22 02:15

Updated : 2021-08-03 05:49


NVD link : CVE-2021-34431

Mitre link : CVE-2021-34431

Products Affected
No products.
CWE