In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://bugs.eclipse.org/bugs/show_bug.cgi?id=573191 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: eclipse
Published: 2021-07-22T13:45:13
Updated: 2024-08-04T00:12:50.247Z
Reserved: 2021-06-09T00:00:00
Link: CVE-2021-34431
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-07-22T14:15:08.050
Modified: 2024-11-21T06:10:23.867
Link: CVE-2021-34431
Redhat
No data.