Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache qpid vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use .
Apache Qpid-cpp 1.0
6.5
CVSSv3
CVE-2016-2166
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton prior to 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-mid...
Apache Qpid Proton
Fedoraproject Fedora 23
5.9
CVSSv3
CVE-2018-1298
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated malicious user to crash t...
Apache Qpid Broker-j 7.0.0
5.9
CVSSv3
CVE-2016-4467
The C client and C-based client bindings in the Apache Qpid Proton library prior to 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when using the SChan...
Apache Qpid Proton 0.12.0
Apache Qpid Proton 0.12.1
Apache Qpid Proton 0.13.0
Apache Qpid Proton 0.11.1
Apache Qpid Proton 0.11.0
Apache Qpid Proton 0.10.0
Apache Qpid Proton 0.9.1
Apache Qpid Proton 0.12.2
Apache Qpid Proton 0.9.0
Apache Qpid Proton 0.8.0
5.9
CVSSv3
CVE-2016-3094
PlainSaslServer.java in Apache Qpid Java prior to 6.0.3, when the broker is configured to allow plaintext passwords, allows remote malicious users to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
Apache Qpid Broker-j
NA
CVE-2014-3629
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote malicious users to cause outgoing HTTP connections via a crafted message.
Apache Qpid 0.30
NA
CVE-2013-1909
The Python client in Apache Qpid prior to 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitra...
Redhat Enterprise Mrg 2.0
Apache Qpid 0.11
Apache Qpid 0.12
Apache Qpid 0.13
Apache Qpid 0.14
Apache Qpid 0.16
Apache Qpid 0.18
Apache Qpid
Apache Qpid 0.19
Apache Qpid 0.5
Apache Qpid 0.6
Apache Qpid 0.7
Apache Qpid 0.8
Apache Qpid 0.10
Apache Qpid 0.15
Apache Qpid 0.17
Apache Qpid 0.9
NA
CVE-2012-4458
The AMQP type decoder in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
Apache Qpid 0.8
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
NA
CVE-2012-4446
The default configuration for Apache Qpid 0.20 and previous versions, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote malicious users to bypass authentication and have other unspecified impact via an ...
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
Apache Qpid 0.8
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
NA
CVE-2012-4459
Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
Apache Qpid 0.8
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »