Astra Linux - уязвимость в librabbitmq

A vulnerability was discovered in the C AMQP client library also known as rabbitmq-c for RabbitMQ in versions up to 0.13.0. credentials can only be entered via the command line e.g., for amqp-publish or amqp-consume, and therefore they are visible to local attackers who can list processes along...

ROOT-OS-ALPINE-318-CVE-2023-35789 CVE-2023-35789 in rootio-rabbitmq-c - Patched by Root

Root has patched CVE-2023-35789 in the rootio-rabbitmq-c package for Root:Alpine:3.18. Multiple fixed versions available...

EUVD-2019-8339

Malware in sbrugna...

TencentOS Server 4: librabbitmq (TSSA-2025:0136)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0136 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2023-35789 vulnerabilities

Vulnerabilities for packages: rabbitmq-c...

GHSA-CJ9F-GCWH-7Q49 vulnerabilities

Vulnerabilities for packages: rabbitmq-c...

CVE-2023-35789 vulnerabilities

Vulnerabilities for packages: rabbitmq-c...

GHSA-CJ9F-GCWH-7Q49 vulnerabilities

Vulnerabilities for packages: rabbitmq-c...

FreeBSD : RabbitMQ-C -- auth credentials visible in commandline tool options (7e9cc7fd-6b3e-46c5-ad6d-409d90d41bbf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7e9cc7fd-6b3e-46c5-ad6d-409d90d41bbf advisory. hadmut reports: This C library includes 2 command-line tools that can take credentials as command-line...

Security Bulletin: IBM Storage Ceph is vulnerable to Insecure credentials submission in the RHEL UBI (CVE-2023-35789)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2023-35789. Vulnerability Details CVEID:CVE-2023-35789 DESCRIPTION: RabbitMQ C AMQP client library aka rabbitmq-c could allow a...

SUSE: Security Advisory (SUSE-SU-2023:2823-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : librabbitmq (ELSA-2023-7150)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7150 advisory. 0.9.0-4 - Resolves: 2215765, insecure credentials submission Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 9 : librabbitmq (ELSA-2023-6482)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6482 advisory. 0.11.0-7 - add missing gating.yaml - fix rpminspect issue Related: 2215766 0.11.0-6 - Resolves: 2215766, insecure credentials submission Tenable has extracted t...

CentOS 8 : librabbitmq (CESA-2023:7150)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:7150 advisory. - An issue was discovered in the C AMQP client library aka rabbitmq-c through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line e.g., for...

SUSE-SU-2023:2823-1 Security update for rabbitmq-c

This update for rabbitmq-c fixes the following issues: - CVE-2023-35789: Fixed insecure credentials submission bsc1212499...

UBUNTU-CVE-2023-35789

An issue was discovered in the C AMQP client library aka rabbitmq-c through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line e.g., for amqp-publish or amqp-consume and are thus visible to local attackers by listing a process and its arguments...

rabbitmq-c 安全漏洞

rabbitmq-c is a C-based AMQP Advanced Message Queuing Protocol client library. A security vulnerability exists in versions of rabbitmq-c prior to 0.13.0, which stems from the fact that credentials can only be entered on the command line, and can be exploited by an attacker to view credentials by...

FreeBSD : RabbitMQ-C -- integer overflow leads to heap corruption (7c555ce3-658d-4589-83dd-4b6a31c5d610)

alanxz reports : When parsing a frame header, validate that the framesize is less than or equal to INT32MAX. Given framemax is limited between 0 and INT32MAX in amqplogin and friends, this does not change the API. This prevents a potential buffer overflow when a malicious client sends a framesize...

librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow

An issue was discovered in amqphandleinput in amqpconnection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTIONSTATEHEADER. A rogue server could return a malicious frame header that leads to a smaller targetsize value than needed...

librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow

An issue was discovered in amqphandleinput in amqpconnection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTIONSTATEHEADER. A rogue server could return a malicious frame header that leads to a smaller targetsize value than needed...