CVE-2024-25110

Published: 12/02/2024 Updated: 12/02/2024

Vulnerability Summary

uAMQP is a general-purpose C library for AMQP 1.0. During a call to `open_get_offered_capabilities`, a memory allocation may fail, causing a use-after-free; if a client calls it during connection communication, this may lead to remote code execution. Users are advised to update the submodule with commit `30865c9c`. There are no known workarounds for this vulnerability.

Vendor Advisories

Debian Bug report logs - #1064051
azure-uamqp-python: CVE-2024-25110
Package: src:azure-uamqp-python
Maintainer for src:azure-uamqp-python is Debian Python Team <team+python@tracker.debian.org>
Reported by: Moritz Mühlenhoff <jmm@inutil.org>
Date: Fri, 16 Feb 2024 14:24:01 UTC
Severity: grave
Tags: security, upstr ...