rpm package
suse/rabbitmq-server&distro=SUSE Linux Enterprise Module for Server Applications 15 SP2
pkg:rpm/suse/rabbitmq-server&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-32719 | — | < 3.8.3-3.3.4 | 3.8.3-3.3.4 | Jun 28, 2021 | RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the `rabbitmq_federation_management` plugin, its consumer tag was rendered without proper tag sanitization. T | ||
| CVE-2021-32718 | — | < 3.8.3-3.3.4 | 3.8.3-3.3.4 | Jun 28, 2021 | RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper `` tag sanitization, potentially allowing for JavaScri | ||
| CVE-2021-22116 | — | < 3.8.3-3.3.4 | 3.8.3-3.3.4 | Jun 8, 2021 | RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having t |
- CVE-2021-32719Jun 28, 2021affected < 3.8.3-3.3.4fixed 3.8.3-3.3.4
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the `rabbitmq_federation_management` plugin, its consumer tag was rendered without proper tag sanitization. T
- CVE-2021-32718Jun 28, 2021affected < 3.8.3-3.3.4fixed 3.8.3-3.3.4
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper `` tag sanitization, potentially allowing for JavaScri
- CVE-2021-22116Jun 8, 2021affected < 3.8.3-3.3.4fixed 3.8.3-3.3.4
RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having t