11 matches found
USN-7143-1 rabbitmq-server vulnerabilities
Christian Rellmann discovered that RabbitMQ Server did not properly sanitize user input when adding a new user via the management UI. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. CVE-2021-32718 Fahimhusain Raydurg discovered that...
SUSE CVE-2022-31008
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
rabbitmq-server: improper neutralization of script-related HTML tags in a web page (basic XSS) in federation management plugin
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the rabbitmqfederationmanagement plugin, its consumer tag was rendered without proper tag sanitization. This potentially allows for...
Information Disclosure
rabbitmq-server is vulnerable to Information Disclosure. The vulnerability is due to a lack of validated encryption keys in shovel and federation plugins which allows attackers to obtain sensitive information...
Code injection
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
DEBIAN-CVE-2022-31008
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
UBUNTU-CVE-2022-31008
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
CVE-2022-31008
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
CVE-2022-31008
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
CVE-2022-31008
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker link state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions...
RabbitMQ 安全特征问题漏洞
RabbitMQ is a feature-rich multi-protocol messaging and streaming agent open-sourced by RabbitMQ. RabbitMQ has a security vulnerability that stems from its shovel and federation plugins performing URI obfuscation in its worker link state. The encryption key used to encrypt the URI carries...