VYPR

RabbitMQ

by VMware

CVEs (3)

  • CVE-2021-22117HigMay 18, 2021
    risk 0.51cvss 7.8epss 0.01

    RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.

  • CVE-2021-22116HigJun 8, 2021
    risk 0.49cvss 7.5epss 0.01

    RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having…

  • CVE-2020-5419MedAug 31, 2020
    risk 0.44cvss 6.7epss 0.00

    RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local…