8 matches found
EUVD-2024-2402
Malicious code in bioql PyPI...
Apache RocketMQ < 5.3.0 Information Disclosure (CVE-2024-23321)
For RocketMQ versions 5.2.0 and below, under certain conditions, there is a risk of exposure of sensitive Information to an unauthorized actor even if RocketMQ is enabled with authentication and authorization functions. An attacker, possessing regular user privileges or listed in the IP whitelist...
Apache RocketMQ Vulnerable to Unauthorized Exposure of Sensitive Data
For RocketMQ versions 5.2.0 and below, under certain conditions, there is a risk of exposure of sensitive Information to an unauthorized actor even if RocketMQ is enabled with authentication and authorization functions. An attacker, possessing regular user privileges or listed in the IP whitelist...
GHSA-Q9W2-H4CW-8GHP Apache RocketMQ Vulnerable to Unauthorized Exposure of Sensitive Data
For RocketMQ versions 5.2.0 and below, under certain conditions, there is a risk of exposure of sensitive Information to an unauthorized actor even if RocketMQ is enabled with authentication and authorization functions. An attacker, possessing regular user privileges or listed in the IP whitelist...
CVE-2024-23321
For RocketMQ versions 5.2.0 and below, under certain conditions, there is a risk of exposure of sensitive Information to an unauthorized actor even if RocketMQ is enabled with authentication and authorization functions. An attacker, possessing regular user privileges or listed in the IP whitelist...
CVE-2024-23321 Apache RocketMQ: Unauthorized Exposure of Sensitive Data
For RocketMQ versions 5.2.0 and below, under certain conditions, there is a risk of exposure of sensitive Information to an unauthorized actor even if RocketMQ is enabled with authentication and authorization functions. An attacker, possessing regular user privileges or listed in the IP whitelist...
CVE-2024-23321
CVE-2024-23321 affects RocketMQ 5.2.0 and earlier, where under certain conditions an attacker with regular user privileges (or IP whitelist-listed) can disclose administrator credentials via specific interfaces, gaining full control if they can access the broker IP address list. The risk arises d...
CVE-2024-23321 Apache RocketMQ: Unauthorized Exposure of Sensitive Data
For RocketMQ versions 5.2.0 and below, under certain conditions, there is a risk of exposure of sensitive Information to an unauthorized actor even if RocketMQ is enabled with authentication and authorization functions. An attacker, possessing regular user privileges or listed in the IP whitelist...