Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache qpid 0.16 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2012-2145
Apache Qpid 0.17 and previous versions does not properly restrict incoming client connections, which allows remote malicious users to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
Apache Qpid 0.8Apache Qpid 0.7Apache Qpid 0.12Apache Qpid 0.14Apache Qpid 0.16Apache QpidApache Qpid 0.9Apache Qpid 0.10Apache Qpid 0.6
NA
CVE-2012-4458
The AMQP type decoder in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
Apache Qpid 0.8Apache Qpid 0.7Apache Qpid 0.6Apache Qpid 0.5Apache Qpid 0.16Apache Qpid 0.15Apache Qpid 0.14Apache Qpid 0.13Apache QpidApache Qpid 0.18Apache Qpid 0.11Apache Qpid 0.9Apache Qpid 0.19Apache Qpid 0.17Apache Qpid 0.12Apache Qpid 0.10
NA
CVE-2012-4460
The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and previous versions allow remote malicious users to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-o...
Apache Qpid 0.14Apache Qpid 0.7Apache Qpid 0.15Apache Qpid 0.10Apache Qpid 0.17Apache QpidApache Qpid 0.9Apache Qpid 0.13Apache Qpid 0.6Apache Qpid 0.11Apache Qpid 0.12Apache Qpid 0.18Apache Qpid 0.16Apache Qpid 0.19Apache Qpid 0.5Apache Qpid 0.8
NA
CVE-2012-4446
The default configuration for Apache Qpid 0.20 and previous versions, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote malicious users to bypass authentication and have other unspecified impact via an ...
Apache Qpid 0.7Apache Qpid 0.6Apache Qpid 0.5Apache Qpid 0.16Apache Qpid 0.15Apache Qpid 0.14Apache Qpid 0.13Apache Qpid 0.19Apache Qpid 0.17Apache Qpid 0.12Apache Qpid 0.10Apache Qpid 0.8Apache QpidApache Qpid 0.18Apache Qpid 0.11Apache Qpid 0.9
NA
CVE-2012-4459
Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
Apache Qpid 0.8Apache Qpid 0.7Apache Qpid 0.6Apache Qpid 0.5Apache Qpid 0.16Apache Qpid 0.15Apache Qpid 0.14Apache Qpid 0.13Apache Qpid 0.19Apache Qpid 0.17Apache Qpid 0.12Apache Qpid 0.10Apache QpidApache Qpid 0.18Apache Qpid 0.11Apache Qpid 0.9
NA
CVE-2013-1909
The Python client in Apache Qpid prior to 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitra...
Redhat Enterprise Mrg 2.0Apache Qpid 0.11Apache Qpid 0.12Apache Qpid 0.13Apache Qpid 0.14Apache Qpid 0.16Apache Qpid 0.18Apache QpidApache Qpid 0.19Apache Qpid 0.5Apache Qpid 0.6Apache Qpid 0.7Apache Qpid 0.8Apache Qpid 0.10Apache Qpid 0.15Apache Qpid 0.17Apache Qpid 0.9
NA
CVE-2012-3467
Apache QPID 0.14, 0.16, and previous versions uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote malicious users to bypass authentication.
Apache QpidApache Qpid 0.6Apache Qpid 0.14Apache Qpid 0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook