29 matches found
EUVD-2019-0377
Malware in sbrugna...
EUVD-2018-0541
Malware in sbrugna...
The vulnerability of the Apache Qpid Broker-J messaging system, which exists due to insufficient validation of input data, allows a perpetrator to trigger a service failure.
The Apache Qpid Broker-J system has vulnerabilities due to insufficient validation of input data. Exploiting these vulnerabilities can allow a malicious actor to cause service failures remotely...
Improper Input Validation in Apache Qpid Broker-J
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 inclusive and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 AMQP 0-8, 0-9, 0-91 and 0-10. Users of...
GHSA-C9H6-XHG9-XXRV Improper Input Validation in Apache Qpid Broker-J
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 inclusive and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 AMQP 0-8, 0-9, 0-91 and 0-10. Users of...
Denial of service
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 inclusive and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 AMQP 0-8, 0-9, 0-91 and 0-10. Users of...
CVE-2019-0200
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 inclusive and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 AMQP 0-8, 0-9, 0-91 and 0-10. Users of...
CVE-2019-0200
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 inclusive and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 AMQP 0-8, 0-9, 0-91 and 0-10. Users of...
CVE-2019-0200
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 inclusive and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 AMQP 0-8, 0-9, 0-91 and 0-10. Users of...
GHSA-6W3V-66MJ-2QM6 Moderate severity vulnerability that affects org.apache.qpid:apache-qpid-broker-j
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQ...
Moderate severity vulnerability that affects org.apache.qpid:apache-qpid-broker-j
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQ...
GHSA-269M-695X-J34P Apache Qpid Broker vulnerable to authentication port spoofing
Apache Qpid Broker-J versions 0.18 through 0.32 are vulnerable to authentication port spoofing. When the broker is configured with different authentication providers on different ports, one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to...
Apache Qpid Broker vulnerable to authentication port spoofing
Apache Qpid Broker-J versions 0.18 through 0.32 are vulnerable to authentication port spoofing. When the broker is configured with different authentication providers on different ports, one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to...
GHSA-7XR3-RGWH-PW22 Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.x before 7.1.0 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit 100MB by default. The broker crashes due to the defect. AMQP protocols 0-10 and...
CVE-2018-8030
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit 100MB by default. The broker crashes due to the defect. AMQP protocols 0-10 and 1.0...
CVE-2018-8030
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit 100MB by default. The broker crashes due to the defect. AMQP protocols 0-10 and 1.0...
CVE-2018-8030
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit 100MB by default. The broker crashes due to the defect. AMQP protocols 0-10 and 1.0...
CVE-2018-8030
CVE-2018-8030 affects Apache Qpid Broker-J 7.0.0–7.0.4 when publishing AMQP messages larger than the default maximum (100 MB) using protocols 0-8, 0-9, or 0-91. The defect causes the broker to crash, representing a Denial of Service (DoS). Affected protocols 0-10 and 1.0 are not affected. The pro...
Authentication flaw
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQ...
CVE-2018-1298
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQ...