cvedb.io
CVE-2021-34434
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2021-08-30T20:15:07.363 · Last modified 2026-06-17T03:55:51.627

Summary

In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked.

Affected products

eclipse — mosquitto

Does this affect you?

Add your gear to cvedb and we'll alert you only when eclipse ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.