Lucene search
K
VmwareRabbitmq

6 matches found

CVE
CVE
added 2023/10/24 11:27 p.m.427 views

CVE-2023-46118

CVE-2023-46118 affects RabbitMQ’s HTTP API where no request body size limit was enforced. An authenticated user can send oversized messages via the HTTP API, potentially triggering target node termination by an OOM-like mechanism (DoS). The vulnerability is addressed by patches in RabbitMQ server...

4.9CVSS5.1AI score0.01077EPSS
CVE
CVE
added 2019/11/22 10:56 p.m.315 views

CVE-2019-11291

CVE-2019-11291 affects Pivotal RabbitMQ: 3.7.x before 3.7.20, 3.8.x before 3.8.1, and RabbitMQ for PCF (1.16.x before 1.16.7, 1.17.x before 1.17.4). The underlying issue is improper sanitization of input in the federation and shovel endpoints, enabling a remote authenticated attacker with adminis...

4.8CVSS4AI score0.00796EPSS
CVE
CVE
added 2021/06/08 11:23 a.m.214 views

CVE-2021-22116

CVE-2021-22116 affects RabbitMQ prior to 3.8.16, exposing a denial-of-service via improper input validation in the AMQP 1.0 client connection endpoint. A remote attacker can send crafted AMQP messages to a RabbitMQ server with the AMQP 1.0 plugin enabled, potentially crashing the server. Public a...

7.5CVSS7AI score0.01387EPSS
CVE
CVE
added 2021/06/28 3:15 p.m.212 views

CVE-2021-32719

CVE-2021-32719 affects RabbitMQ’s rabbitmq-server prior to version 3.8.18 where, when a federation link is shown in the management UI via the rabbitmq_federation_management plugin, the consumer tag is rendered without proper [removed] tag sanitization. This could allow JavaScript execution in the...

4.8CVSS5.1AI score0.01416EPSS
CVE
CVE
added 2021/06/28 2:50 p.m.192 views

CVE-2021-32718

RabbitMQ CVE-2021-32718 affects rabbitmq-server

5.4CVSS5.1AI score0.01437EPSS
CVE
CVE
added 2022/10/06 12:0 a.m.173 views

CVE-2022-31008

CVE-2022-31008 affects RabbitMQ where the shovel and federation plugins obfuscate URI state using an encryption key seeded with a predictable secret. This can, under certain plugin-related exceptions, reveal deobfuscatable data in node logs. Patched versions are 3.10.2, 3.9.18, and 3.8.32. If upg...

7.5CVSS6.1AI score0.00307EPSS