2 matches found
CVE-2016-2166
Apache Qpid Proton prior to 0.12.1 is affected. The vulnerable components are proton.reactor.Connector, proton.reactor.Container, and proton.utils.BlockingConnection, which improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable. This could allow a man-in-...
CVE-2016-4467
The CVE-2016-4467 issue affects the C client and C-based client bindings in the Apache Qpid Proton library prior to 0.13.1 on Windows. The root cause is improper verification of the server hostname against the domain name in the certificate’s CN or subjectAltName when using the SChannel security ...