AZL-35196 CVE-2023-46118 affecting package rabbitmq-server for versions less than 3.13.0-1

🗓️ 25 Oct 2023 18:17:36Reported by GoogleType

osv🔗 osv.dev👁 2 Views

Large message DoS via RabbitMQ web API by authenticated users; affects versions below 3.13.0-1; fixed in 3.11.24 and 3.12.7.

Reporter	Title	Published	Views	Family All 53
IBM Security Bulletins	Security Bulletin: RabbitMQ HTTP API Vulnerability Allows Authenticated DoS via Large Message Payloads	27 Jun 202505:29	–	ibm
AstraLinux	Astra Linux - уязвимость в rabbitmq-server	20 May 202605:53	–	astralinux
Tenable Nessus	Azure Linux 3.0 Security Update: rabbitmq-server (CVE-2023-46118)	10 Feb 202500:00	–	nessus
Tenable Nessus	Debian dla-3687 : rabbitmq-server - security update	14 Dec 202300:00	–	nessus
Tenable Nessus	Debian DSA-5571-1 : rabbitmq-server - security update	1 Dec 202300:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: rabbitmq-server (CVE-2023-46118)	13 Dec 202400:00	–	nessus
Tenable Nessus	RabbitMQ 3.11.x < 3.11.24 / 3.12.x < 3.12.7 Denial of Service	17 Apr 202500:00	–	nessus
Tenable Nessus	RHEL 9 : Red Hat OpenStack Platform 17.1 (rabbitmq-server) (RHSA-2024:0217)	16 Jan 202400:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 Security Update : rabbitmq-server (SUSE-SU-2023:4939-1)	21 Dec 202300:00	–	nessus
Tenable Nessus	SUSE SLES15 / openSUSE 15 : Feature update for rabbitmq-server313, erlang26, elixir115 (SUSE-SU-SUSE-FU-2024:2078-1)	20 Jun 202400:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-46118

21 Apr 2026 04:27Current

7High risk

Vulners AI Score7

CVSS 3.14.9

EPSS0.00315