rpm package
opensuse/rabbitmq-server&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/rabbitmq-server&distro=openSUSE%20Leap%2015.2
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-32719 | — | < 3.8.3-lp152.2.3.1 | 3.8.3-lp152.2.3.1 | Jun 28, 2021 | RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the `rabbitmq_federation_management` plugin, its consumer tag was rendered without proper tag sanitization. T | ||
| CVE-2021-32718 | — | < 3.8.3-lp152.2.3.1 | 3.8.3-lp152.2.3.1 | Jun 28, 2021 | RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper `` tag sanitization, potentially allowing for JavaScri | ||
| CVE-2021-22116 | — | < 3.8.3-lp152.2.3.1 | 3.8.3-lp152.2.3.1 | Jun 8, 2021 | RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having t |
- CVE-2021-32719Jun 28, 2021affected < 3.8.3-lp152.2.3.1fixed 3.8.3-lp152.2.3.1
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the `rabbitmq_federation_management` plugin, its consumer tag was rendered without proper tag sanitization. T
- CVE-2021-32718Jun 28, 2021affected < 3.8.3-lp152.2.3.1fixed 3.8.3-lp152.2.3.1
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper `` tag sanitization, potentially allowing for JavaScri
- CVE-2021-22116Jun 8, 2021affected < 3.8.3-lp152.2.3.1fixed 3.8.3-lp152.2.3.1
RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having t