CVE-2021-34432

Published: 27 July 2021

In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
mosquitto
Launchpad, Ubuntu, Debian
Upstream
Released (2.0.8-1)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(2.0.10-3)
Ubuntu 20.04 LTS (Focal Fossa) Needs triage

Ubuntu 18.04 LTS (Bionic Beaver) Needs triage

Ubuntu 16.04 ESM (Xenial Xerus) Ignored
(out of standard support)
Ubuntu 14.04 ESM (Trusty Tahr) Needs triage