Search CVE reports
11 – 20 of 20 results
CVE-2018-1279
Low priorityPivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology...
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | Not affected | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2017-4967
Negligible priorityAn issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and...
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-4966
Low prioritySome fixes available 1 of 3
An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and...
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | — | Not affected | Not affected | Not affected | Fixed |
CVE-2017-4965
Negligible priorityAn issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and...
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2016-9877
High prioritySome fixes available 2 of 4
An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. MQTT (MQ Telemetry Transport) connection authentication...
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | — | — | — | — | Fixed |
CVE-2015-8786
Negligible priorityThe Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_incr parameter.
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2014-9650
Low priorityCRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to...
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | — | — | — | Not affected | Not affected |
CVE-2014-9649
Negligible priorityCross-site scripting (XSS) vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the path info to api/, which is not properly handled...
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | — | — | — | Not affected | Not affected |
CVE-2014-9494
Low priorityRabbitMQ before 3.4.0 allows remote attackers to bypass the loopback_users restriction via a crafted X-Forwareded-For header.
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | — | — | — | — | — |
CVE-2015-0862
Negligible priorityMultiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin before 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a...
1 affected package
rabbitmq-server
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
rabbitmq-server | — | — | — | Not affected | Not affected |