Insecure Randomness

Overview Affected versions of this package are vulnerable to Insecure Randomness via the sendAndReceive function when using a fixed reply queue, due to correlation IDs being generated sequentially by an internal counter. An attacker can intercept or inject unauthorized replies by predicting...

EUVD-2026-35895

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

VMware Spring AMQP 安全特征问题漏洞

VMware Spring AMQP is a message queue integration framework developed by the American company VMware. There is a security vulnerability in VMware Spring AMQP, which stems from the use of a fixed reply queue ID in the RabbitTemplate.sendAndReceive method, making it predictable due to an internal...

PT-2026-48314

Name of the Vulnerable Software and Affected Versions Spring AMQP versions 4.0.0 through 4.0.3 Spring AMQP versions 3.2.0 through 3.2.10 Spring AMQP versions 3.1.0 through 3.1.15 Spring AMQP versions 2.4.0 through 2.4.17 Description Correlation IDs for replies in the sendAndReceive function of...