---

CVE-2021-34434 - log back

CVE-2021-34434 edited at 05 Apr 2022 12:25:45
References	- https://bugs.eclipse.org/bugs/show_bug.cgi?id=575324 https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/638 + https://github.com/eclipse/mosquitto/commit/32af599c81e63fa38e834b8f1c1f108c49328e95

CVE-2021-34434 edited at 04 Apr 2022 22:10:23
References	https://bugs.eclipse.org/bugs/show_bug.cgi?id=575324 + https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/638

CVE-2021-34434 edited at 31 Aug 2021 08:08:06
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Access restriction bypass
Description	+ In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked.
References	+ https://bugs.eclipse.org/bugs/show_bug.cgi?id=575324
Notes

CVE-2021-34434 created at 31 Aug 2021 08:06:59