VYPR
Vendor

Voxpupuli

Products
1
CVEs
8
Across products
8
Status
Private

Products

1

Recent CVEs

8
  • CVE-2024-1156Feb 20, 2024
    risk 0.00cvss epss 0.00

    Incorrect directory permissions for the shared NI RabbitMQ service may allow a local authenticated user to read RabbitMQ configuration information and potentially enable escalation of privileges.

  • CVE-2023-35789Jun 16, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.

  • CVE-2021-22116Jun 8, 2021
    risk 0.00cvss epss 0.01

    RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having…

  • CVE-2021-22117May 18, 2021
    risk 0.00cvss epss 0.01

    RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins.

  • CVE-2020-5419Aug 31, 2020
    risk 0.00cvss epss 0.00

    RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local…

  • CVE-2019-18609Dec 1, 2019
    risk 0.00cvss epss 0.03

    An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller…

  • CVE-2019-11281Oct 16, 2019
    risk 0.00cvss epss 0.01

    Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components, the virtual host limits page, and the federation management UI, which do not…

  • CVE-2014-9568Feb 3, 2015
    risk 0.00cvss epss 0.00

    puppetlabs-rabbitmq 3.0 through 4.1 stores the RabbitMQ Erlang cookie value in the facts of a node, which allows local users to obtain sensitive information as demonstrated by using Facter.