538 matches found
RHSA-2015:0707 Red Hat Security Advisory: qpid security and bug fix update
Bulletin has no description...
RHSA-2015:0708 Red Hat Security Advisory: qpid security and bug fix update
Bulletin has no description...
RHSA-2015:0662 Red Hat Security Advisory: qpid-cpp security and bug fix update
Bulletin has no description...
RHSA-2015:0661 Red Hat Security Advisory: qpid-cpp security and bug fix update
Bulletin has no description...
RHSA-2012:1269 Red Hat Security Advisory: qpid security, bug fix, and enhancement update
Bulletin has no description...
RHEL 6 : python-qpid (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-qpid: client does not validate qpid server TLS/SSL certificate CVE-2013-1909 Note that Nessus has not tested...
RHEL 6 : qpid-cpp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qpid-cpp: anonymous access to qpidd cannot be prevented CVE-2015-0223 - qpid-cpp: AMQP 0-10 protocol...
RHEL 7 : qpid-cpp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qpid-cpp: anonymous access to qpidd cannot be prevented CVE-2015-0223 - qpid-cpp: AMQP 0-10 protocol...
RHEL 7 : qpid-proton (RHSA-2019:1399)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1399 advisory. The AMQ Client enables connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol. This update provides various bug fixes...
RHEL 7 : qpid-proton (RHSA-2019:1398)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:1398 advisory. The AMQ Client enables connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol. This update provides various bug fixes...
RHEL 7 : qpid-proton (RHSA-2019:1400)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1400 advisory. The AMQ Client enables connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol. Security Fixes: qpid-proton: TLS Man in...
openSUSE 15: python3-python-qpid-proton / qpid-proton-devel / etc (SUSE-SU-2024:1074-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:1074-1 advisory. - CVE-2019-0223: Fixed TLS Man in the Middle Vulnerability bsc1133158. Tenable has extracted the preceding description block directly from the SUSE security...
K23675185: Apache Qpid vulnerabilities CVE-2016-3094 and CVE-2016-4432
Security Advisory Description CVE-2016-3094 PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught...
K89010078: Apache vulnerabilities CVE-2018-1307, CVE-2018-1298, CVE-2018-1299, CVE-2018-1287, and CVE-2018-1297
Security Advisory Description CVE-2018-1307 In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL2Java classes, which parse a local or remote XML document and then mediates the data structures into UDDI data structures, there are little protections present against entity expansion and...
SUSE CVE-2013-4261
OpenStack Compute Nova Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service connection pool consumption, as demonstrated using multiple requests that send...
SUSE CVE-2013-6491
The python-qpid client common/rpc/implqpid.py in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpidprotocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network...
SUSE CVE-2016-2166
The 1 proton.reactor.Connector, 2 proton.reactor.Container, and 3 proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-middle attackers to obtain...
GHSA-5H6X-M52P-23PH Withdrawn Advisory: Improper Certificate Validation in Apache Qpid Proton
Withdrawn Advisory This advisory has been withdrawn because the vulnerability only affects the Qpid Proton C library and not org.apache.qpid:proton-j. This link has been maintained to preserve external references. Original Description While investigating bug PROTON-2014, we discovered that under...
Withdrawn Advisory: Improper Certificate Validation in Apache Qpid Proton
Withdrawn Advisory This advisory has been withdrawn because the vulnerability only affects the Qpid Proton C library and not org.apache.qpid:proton-j. This link has been maintained to preserve external references. Original Description While investigating bug PROTON-2014, we discovered that under...
com.korwe:kordapt-core (>=1.0.1 <=1.1.2), com.korwe:kordapt-gradle-plugin (>=1.0.1 <=1.1.2) +12 more potentially affected by CVE-2012-4446 via org.apache.qpid:qpid-client (>=0.10 <=0.18)
org.apache.qpid:qpid-client MAVEN version =0.10, =1.0.1, =1.0.1, =1.0.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =5.8.0-NESS-1, =0.4.0, =2.7.5, =1.0.3, =0.7.0.Final, =0.8.0.Final Source cves: CVE-2012-4446 Source advisory: OSV:GHSA-MRGH-6X42-X6XF...