EUVD-2024-24351

Malicious code in bioql PyPI...

EUVD-2024-22471

Malicious code in bioql PyPI...

TencentOS Server 4: python-uamqp (TSSA-2024:0578)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0578 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Linux Distros Unpatched Vulnerability : CVE-2024-21646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients usi...

openSUSE Security Advisory (SUSE-SU-2024:0947-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:0591-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Azure Linux 3.0 Security Update: azure-iot-sdk-c (CVE-2024-25110)

The version of azure-iot-sdk-c installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25110 advisory. - The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities,...

CVE-2024-21646

Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...

Microsoft Azure uAMQP azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of uAMQP. When installed from the official Microsoft GitHub repository,...

CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-21646)

The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21646 advisory. - Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clien...

CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-25110)

The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25110 advisory. - The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities,...

CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-27099)

The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27099 advisory. - The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an...

OPENSUSE-SU-2024:13643-1 python310-uamqp-1.6.8-1.1 on GA media

These are all security issues fixed in the python310-uamqp-1.6.8-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13682-1 python310-uamqp-1.6.8-2.1 on GA media

These are all security issues fixed in the python310-uamqp-1.6.8-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13729-1 python310-uamqp-1.6.8-3.1 on GA media

These are all security issues fixed in the python310-uamqp-1.6.8-3.1 package on the GA media of openSUSE Tumbleweed...

Remote Code Execution (RCE)

uamqp for python is vulnerable to Remote Code Execution RCE. The vulnerability is due to the installation process that attempts to load a non-existent cloud resource, which an attacker could theoretically take over to execute arbitrary code...

Microsoft uAMQP for Python azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft uAMQP for Python. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of uAMQP for Python. When installed from the official...

The vulnerability of the `open_get_offered_capabilities()` function in the C language library for interacting with Azure uAMQP allows a attacker to execute arbitrary code.

The vulnerability of the opengetofferedcapabilities function in the C language library for interacting with Azure uAMQP services is related to incorrect code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2024-27099

A double free vulnerability was found in python-uamqp-azure affecting the embedded azure-uamqp-c library at the link.c file. If some uncommon conditions are met, an authenticated user may cause remote code execution...

AZL-70178 CVE-2024-29195 affecting package python-uamqp 1.5.1-4

The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to...