Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

pivotal software spring advanced message queuing protocol vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2017-8045
In Pivotal Spring AMQP versions before 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.
Pivotal Software Spring Advanced Message Queuing Protocol 1.7.3Pivotal Software Spring Advanced Message Queuing Protocol 1.7.2Pivotal Software Spring Advanced Message Queuing Protocol 1.6.8Pivotal Software Spring Advanced Message Queuing Protocol 1.6.9Pivotal Software Spring Advanced Message Queuing Protocol 1.6.10Pivotal Software Spring Advanced Message Queuing Protocol 1.5.0Pivotal Software Spring Advanced Message Queuing Protocol 1.7.0Pivotal Software Spring Advanced Message Queuing Protocol 1.6.0Pivotal Software Spring Advanced Message Queuing Protocol 1.6.5Pivotal Software Spring Advanced Message Queuing Protocol 1.6.7Pivotal Software Spring Advanced Message Queuing Protocol 1.5.1Pivotal Software Spring Advanced Message Queuing Protocol 1.6.1Pivotal Software Spring Advanced Message Queuing Protocol 1.6.2Pivotal Software Spring Advanced Message Queuing Protocol 1.6.3Pivotal Software Spring Advanced Message Queuing Protocol 1.5.3Pivotal Software Spring Advanced Message Queuing Protocol 1.5.4Pivotal Software Spring Advanced Message Queuing Protocol 1.5.5Pivotal Software Spring Advanced Message Queuing Protocol 1.5.6Pivotal Software Spring Advanced Message Queuing Protocol 1.7.1Pivotal Software Spring Advanced Message Queuing Protocol 1.6.4Pivotal Software Spring Advanced Message Queuing Protocol 1.6.6Pivotal Software Spring Advanced Message Queuing Protocol 1.5.2
5.9
CVSSv3
CVE-2018-11087
Pivotal Spring AMQP, 1.x versions before 1.7.10 and 2.x versions before 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.
Pivotal Software Spring Advanced Message Queuing ProtocolPivotal Software Rabbitmq
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook