5 matches found
CVE-2026-9133
Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme arn:aws-debug:file accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file accessible to the...
CVE-2026-9133 Arbitrary file read in rabbitmq-aws plugin
Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme arn:aws-debug:file accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file accessible to the...
CVE-2026-9133 Arbitrary file read in rabbitmq-aws plugin
Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme arn:aws-debug:file accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file accessible to the...
CVE-2026-9133
CVE-2026-9133 affects the rabbitmq-aws plugin’s ARN resolver. Active debug code enables a debug ARN scheme (arn:aws-debug:file) that is accepted by PUT /api/aws/arn/validate, allowing remote authenticated users to perform arbitrary file reads on files accessible to the RabbitMQ process. This issu...
PT-2026-42261
Name of the Vulnerable Software and Affected Versions amazon-mq rabbitmq-aws versions prior to 0.2.1 Description Active debug code in the ARN resolver allows remote authenticated users to perform arbitrary file reads on any file accessible to the RabbitMQ process. This occurs because the 'PUT...