Lucene search
K

5 matches found

snyk
snyk
added 2026/06/10 1:13 a.m.8 views

Insecure Randomness

Overview Affected versions of this package are vulnerable to Insecure Randomness via the sendAndReceive function when using a fixed reply queue, due to correlation IDs being generated sequentially by an internal counter. An attacker can intercept or inject unauthorized replies by predicting...

4.4CVSS5.3AI score0.00173EPSS
Exploits0References2
nvd
nvd
added 2026/06/10 12:16 a.m.19 views

CVE-2026-41701

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS0.00173EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/09 11:47 p.m.42 views

CVE-2026-41701 In Spring AMQP sequential correlation IDs enable reply poisoning on fixed reply queues

Correlation IDs for replies in the RabbitTemplate.sendAndReceive with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17...

4.4CVSS0.00173EPSS
Exploits0References1
nvd
nvd
added 2024/04/10 7:15 p.m.20 views

CVE-2021-47196

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Set send and receive CQ before forwarding to the driver Preset both receive and send CQ pointers prior to call to the drivers and overwrite it later again till the mlx4 is going to be changed do not overwrite ibqp...

7.8CVSS7.3AI score0.00219EPSS
Exploits0References2
debiancve
debiancve
added 2017/05/28 12:0 a.m.41 views

CVE-2015-9059

picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command because the command line is executed by /bin/sh unsafely...

10CVSS9.7AI score0.0218EPSS
Exploits0
Rows per page
Query Builder