CVE-2021-34431 – In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected …

Vuln ID: CVE-2021-34431

Published:  2021-07-22  14:15:08Z

Description: In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker.

Source: NVD.NIST.GOV