2 matches found
CVE-2026-9133 Arbitrary file read in rabbitmq-aws plugin
Active debug code exists in the ARN resolver of amazon-mq rabbitmq-aws before version 0.2.1. A debug ARN scheme arn:aws-debug:file accepted by the PUT /api/aws/arn/validate validation endpoint might allow remote authenticated users to perform arbitrary file reads on any file accessible to the...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to a misconfigured NetworkPolicy. An attacker can gain unauthorized access to resources in other namespaces by exploiting the overly permissive network policy configuration. Workaround This vulnerability can ...