Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache qpid broker-j vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-15702
In Apache Qpid Broker-J 0.18 up to and including 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using a...
Apache Qpid Broker-j
5
CVSSv2
CVE-2019-0200
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated malicious user to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, ...
Apache Qpid Broker-j
Apache Qpid Broker-j 7.1.0
5
CVSSv2
CVE-2018-8030
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP prot...
Apache Qpid Broker-j
5
CVSSv2
CVE-2017-15701
In Apache Qpid Broker-J versions 6.1.0 up to and including 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually termi...
Apache Qpid Broker-j
5
CVSSv2
CVE-2016-8741
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It exists that these AuthenticationProviders in Apache Qpid Br...
Apache Qpid Broker-j 6.0.1
Apache Qpid Broker-j 6.0.2
Apache Qpid Broker-j 6.0.3
Apache Qpid Broker-j 6.0.4
Apache Qpid Broker-j 6.0.5
Apache Qpid Broker-j 6.1.0
5
CVSSv2
CVE-2016-4432
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java prior to 6.0.3 might allow remote malicious users to bypass authentication and consequently perform actions via vectors related to connection state logging.
Apache Qpid Broker-j
4.3
CVSSv2
CVE-2018-1298
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated malicious user to crash t...
Apache Qpid Broker-j 7.0.0
4.3
CVSSv2
CVE-2016-3094
PlainSaslServer.java in Apache Qpid Java prior to 6.0.3, when the broker is configured to allow plaintext passwords, allows remote malicious users to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
Apache Qpid Broker-j
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started