14 matches found
EUVD-2024-22471
Malicious code in bioql PyPI...
Azure Linux 3.0 Security Update: azure-iot-sdk-c (CVE-2024-25110)
The version of azure-iot-sdk-c installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25110 advisory. - The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities,...
CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-27099)
The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27099 advisory. - The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an...
SUSE CVE-2024-27099
The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...
AZL-35447 CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3
The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...
AZL-35471 CVE-2024-27099 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1
The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...
UBUNTU-CVE-2024-27099
The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQPVALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987...
CVE-2024-25110
The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...
DEBIAN-CVE-2024-25110
The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...
AZL-34349 CVE-2024-25110 affecting package azure-iot-sdk-c for versions less than 2022.01.21-3
The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...
Design/Logic Flaw
The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...
CVE-2024-25110 Azure IoT Platform Device SDK Remote Code Execution Vulnerability
The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule...
CVE-2024-21646 Azure IoT Platform Device SDK Remote Code Execution Vulnerability
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...
CVE-2024-21646 Azure IoT Platform Device SDK Remote Code Execution Vulnerability
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...