Lucene search

K
cvelistEclipseCVELIST:CVE-2021-41039
HistoryDec 01, 2021 - 12:00 a.m.

CVE-2021-41039

2021-12-0100:00:00
CWE-1050
eclipse
www.cve.org
1

EPSS

0.001

Percentile

39.4%

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service.

CNA Affected

[
  {
    "vendor": "The Eclipse Foundation",
    "product": "Eclipse Mosquitto",
    "versions": [
      {
        "version": "1.6",
        "status": "affected",
        "lessThan": "unspecified",
        "versionType": "custom"
      },
      {
        "version": "unspecified",
        "lessThanOrEqual": "2.0.11",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]