5 matches found
Moderate: Red Hat Security Advisory: AMQ Clients 2023.Q4
An update is now available for Red Hat AMQ Clients Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Reference...
CVE-2023-34050
creationtimestamp| type| source ---|---|--- 2023-10-20 05:48:11+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5500 2023-11-04 05:18:38+00:00| published-proof-of-concept| https://t.me/CNArsenal/1431 2023-11-04 07:57:57+00:00| published-proof-of-concept| https://t.me/cKure/11918...
CVE-2023-34050
In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes...
CVE-2023-34050
CVE-2023-34050 affects Spring AMQP: deserialization vulnerability in SimpleMessageConverter/SerializerMessageConverter when no allowed-list patterns are configured. Versions affected: 1.0.0–2.4.16 and 3.0.0–3.0.9. If untrusted messages originate from a compromised source and write permissions to ...
CVE-2023-34050 Spring AMQP Deserialization Vulnerability
In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes...