Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rabbitmq vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2015-0862
Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ management plugin prior to 3.4.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) message details when a message is unqueued, such as headers or arguments; ...
Pivotal Software Rabbitmq Management
890
VMScore
CVE-2020-35196
The official rabbitmq docker images prior to 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. System using the rabbitmq docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root ...
Docker Rabbitmq Docker Image
445
VMScore
CVE-2019-11287
Pivotal RabbitMQ, versions 3.7.x before 3.7.21 and 3.8.x before 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions before 1.16.7 and 1.17.x versions before 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HT...
Pivotal Software Rabbitmq
Vmware Rabbitmq
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
Debian Debian Linux 9.0
384
VMScore
CVE-2021-22116
RabbitMQ all versions before 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the...
Vmware Rabbitmq
Debian Debian Linux 9.0
1 Article
383
VMScore
CVE-2018-11087
Pivotal Spring AMQP, 1.x versions before 1.7.10 and 2.x versions before 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.
Pivotal Software Spring Advanced Message Queuing Protocol
Pivotal Software Rabbitmq
668
VMScore
CVE-2019-18609
An issue exists in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size va...
Rabbitmq-c Project Rabbitmq-c
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
312
VMScore
CVE-2019-11281
Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x before 1.15.13, versions 1.16.x before 1.16.6, and versions 1.17.x before 1.17.3, contain two components, the virtual host limits page, and the federation management UI, which do not properly sanit...
Pivotal Software Rabbitmq
Debian Debian Linux 9.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Openstack 15
Redhat Openstack For Ibm Power 15
NA
CVE-2024-1156
Incorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration information and potentially enable escalation of privileges.
445
VMScore
CVE-2021-43799
Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. In versions of Zulip Server before 4.9, the initial installation (until first reboot, or restart of RabbitMQ) does not successfully limit the default ports which RabbitMQ...
Zulip Zulip
490
VMScore
CVE-2021-0279
Juniper Networks Contrail Cloud (CC) releases before 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an ...
Juniper Contrail Cloud
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »