Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2023/12/07 1:41 p.m.64 views

Moderate: Red Hat Security Advisory: AMQ Clients 2023.Q4

An update is now available for Red Hat AMQ Clients Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Reference...

9.8CVSS7.1AI score0.99615EPSS
Exploits12References13
Circl
Circl
added 2023/10/20 5:48 a.m.7 views

CVE-2023-34050

creationtimestamp| type| source ---|---|--- 2023-10-20 05:48:11+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5500 2023-11-04 05:18:38+00:00| published-proof-of-concept| https://t.me/CNArsenal/1431 2023-11-04 07:57:57+00:00| published-proof-of-concept| https://t.me/cKure/11918...

5CVSS5.7AI score0.01537EPSS
Exploits0References5
NVD
NVD
added 2023/10/19 8:15 a.m.17 views

CVE-2023-34050

In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes...

5CVSS5.2AI score0.01537EPSS
Exploits0References1
CVE
CVE
added 2023/10/19 7:11 a.m.112 views

CVE-2023-34050

CVE-2023-34050 affects Spring AMQP: deserialization vulnerability in SimpleMessageConverter/SerializerMessageConverter when no allowed-list patterns are configured. Versions affected: 1.0.0–2.4.16 and 3.0.0–3.0.9. If untrusted messages originate from a compromised source and write permissions to ...

5CVSS5.2AI score0.01537EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/19 7:11 a.m.36 views

CVE-2023-34050 Spring AMQP Deserialization Vulnerability

In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names were added to Spring AMQP, allowing users to lock down deserialization of data in messages from untrusted sources; however by default, when no allowed list was provided, all classes...

5CVSS6.2AI score0.01537EPSS
Exploits0References3
Rows per page
Query Builder