com.confluex:qpid-in-a-can (=0.2.0), com.dell.cpsd.common.messaging:common-testing (=1.5.0) +23 more potentially affected by CVE-2016-4432 via org.apache.qpid:qpid-broker-plugins-amqp-1-0-protocol (>=0.24 <=6.0.2)

org.apache.qpid:qpid-broker-plugins-amqp-1-0-protocol MAVEN version =0.24, =2.0.0, =1.0.0, =0.1, =0.1, =10.0.0, =0.24, =10.0.0, =10.0.1 and more Source cves: CVE-2016-4432 Source advisory: OSV:GHSA-Q66C-H853-GQW2...

Denial Of Service (DoS)

qpid-broker-plugins-amqp-1-0-protocol is vulnerable to denial of service DoS attacks. The application does not have a maximum size for frames, allowing a malicious user to pass large frames to the application that can cause memory exhaustion...