Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-41039

Опубликовано: 01 дек. 2021
Источник: debian
EPSS Низкий

Описание

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
mosquittofixed2.0.11-1.2package
mosquittofixed2.0.11-1+deb11u1bullseyepackage
mosquittonot-affectedbusterpackage
mosquittonot-affectedstretchpackage

Примечания

  • https://bugs.eclipse.org/bugs/show_bug.cgi?id=575314

  • https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/637

  • Fixed by: https://github.com/eclipse/mosquitto/commit/9d6a73f9f72005c2f19a262f15d28327eedea91f (v2.0.12)

EPSS

Процентиль: 48%
0.0025
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-41039

CVSS3: 7.5
ubuntu
около 4 лет назад

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service.

nvd логотип

CVE-2021-41039

CVSS3: 7.5
nvd
около 4 лет назад

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service.

github логотип

GHSA-5xp2-36v8-r67m

CVSS3: 7.5
github
около 4 лет назад

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service.

fstec логотип

BDU:2022-03119

CVSS3: 7.5
fstec
больше 4 лет назад

Уязвимость реализации протокола MQTT v5 брокера сообщений Eclipse Mosquitto, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 48%
0.0025
Низкий