2 matches found
cc.voox:publisher (>=0.1.0.Beta <=2.2.0), cloud.altemista.fwk.integration:cloud-altemistafwk-core-integration-amqp-conf (>=3.0.0.RELEASE <=3.0.1.RELEASE) +130 more potentially affected by CVE-2018-11087 via org.springframework.amqp:spring-amqp (>=2.0.0.RELEASE <=2.0.5.RELEASE)
org.springframework.amqp:spring-amqp MAVEN version =2.0.0.RELEASE, =0.1.0.Beta, =3.0.0.RELEASE, =3.0.0.RELEASE, =B.0.0.1, =B.0.0.1, =0.1.0-RC1, =1.0.0, =1.0.0, =1.0.0.20191020.beta, =1.0.0.20210917f.beta and more Source cves: CVE-2018-11087 Source advisory: OSV:GHSA-W4G2-9HJ6-5472...
CVE-2018-11087
CVE-2018-11087 affects Pivotal Spring AMQP and RabbitMQ amqp-client. The issue arises from improper hostname validation, enabling a man-in-the-middle attacker to intercept traffic and view data in transit. Documented impact includes information disclosure due to lack of hostname verification. IBM...