CVE-2021-34432

CVE-2021-34432

Vendor The Eclipse Foundation

Product Eclipse Mosquitto

Weakness CWE-20 · Input validation

Published July 27, 2021

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0.

Key dates

02Disclosure timeline

July 27, 2021 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-34432 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

04Related CVE

CVE-2023-7240 Broken Access Control leading to SSRF in NetIQ Identity Console CVE-2025-64747 Directus Vulnerable to Stored Cross-site Scripting CVE-2025-54250 Adobe Experience Manager | Improper Input Validation (CWE-20) CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion CVE-2021-1464 Cisco SD-WAN vManage Authorization Bypass Vulnerability