Azure Linux 3.0 Security Update: azure-iot-sdk-c (CVE-2024-29195)

The version of azure-iot-sdk-c installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29195 advisory. - The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This...

CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2022.01.21-4

CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2022.01.21-4. A patched version of the package is available...

Azure Linux 3.0 Security Update: azure-iot-sdk-c (CVE-2024-25110)

The version of azure-iot-sdk-c installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25110 advisory. - The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities,...

CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-27099)

The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27099 advisory. - The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an...

CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-25110)

The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25110 advisory. - The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities,...

CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1

CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1

CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1

CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3

CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3. A patched version of the package is available...

CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3

CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3. A patched version of the package is available...

AZL-35447 CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3

The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...

AZL-34349 CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3

The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...

CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2022.01.21-2

CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2022.01.21-2. A patched version of the package is available...