CVE-2021-41039

CVE-2021-41039

Vendor The Eclipse Foundation
Product Eclipse Mosquitto
Weakness CWE-1050
Published December 1, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service.

Key dates

02Disclosure timeline

December 1, 2021 CVE published
August 4, 2024 Record updated