PT-2023-19607 · Jenkins · Jenkins Rabbitmq Consumer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins RabbitMQ Consumer Plugin versions 2.8 and earlier Description: A cross-site request forgery issue allows attackers to connect to an attacker-specified AMQPS URL using an attacker-specified username and password. Recommendations: For...

The vulnerability of the AMQP 1.0 message broker plugin of RabbitMQ, related to insufficient input validation, allows a attacker to trigger a service failure.

The vulnerability of the AMQP 1.0 message broker plugin of RabbitMQ is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to cause service failures by sending malicious AMQP messages...

Pivotal Software RabbitMQ Elevation of Privilege Vulnerability

Pivotal Software RabbitMQ is the United States Pivotal Software, Inc. of a set of implementation of the Advanced Message Queuing Protocol AMQP open source message broker software. An elevation of privilege vulnerability exists in Pivotal Software RabbitMQ. The vulnerability stems from an incorrec...

The vulnerability of the Apache Qpid message exchange system, which allows a malicious actor to gain access as a legitimate user.

The Apache Qpid system for exchanging programmatic messages contains a vulnerability related to an authentication error during the processing of shadowed connections for AMQP clients. With a specially crafted request, a malicious individual can impersonate a legitimate user...

qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling

A flaw was found in the way the Qpid daemon qpidd processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set could use this flaw to crash qpidd...

Pivotal Software RabbitMQ management plugin cross-site scripting vulnerability

Pivotal Software RabbitMQ is a British company Pivotal Software's set of implementation of the Advanced Message Queuing Protocol AMQP open source messaging agent software. rabbitMQ management is one of the management plug-in . A cross-site scripting vulnerability exists in the Pivotal Software...

UBUNTU-CVE-2013-2482

The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service infinite loop via a malformed packet...

qpid: crash on receipt of invalid AMQP data

The Cluster::deliveredEvent function in cluster/Cluster.cpp in Apache Qpid, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote attackers to cause a denial of service daemon crash and cluster outage via invalid AMQP data...

Moderate: Red Hat Security Advisory: Red Hat Enterprise MRG Messaging security and bug fix update 1.2.2

Updated Red Hat Enterprise MRG Messaging packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...