rabbit_common
Hex4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting rabbit_commonpage 1 of 1
- CVE-2019-11291MEDIUMCVSS 4.8EG 4.8✓ Fixed in 3.8.12019-11-22
vulnerable: 3.8.0, 3.8.1-rc.1
Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly…
- CVE-2022-31008MEDIUMCVSS 5.5EG 5.5✓ Fixed in 3.10.22022-10-06
vulnerable: 3.10.0, 3.10.1
RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predicta…
- CVE-2023-46118MEDIUMCVSS 4.9EG 4.9✓ Fixed in 3.12.72023-10-25
vulnerable: 3.12.0 ... 3.12.6 (7 versions)
RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An authenticated user with sufficient cred…
- CVE-2024-51988MEDIUMCVSS 6.5EG 6.5✓ Fixed in 3.12.112024-11-06
vulnerable: 3.12.10, 3.12.7, 3.12.8, 3.12.9
RabbitMQ is a feature rich, multi-protocol messaging and streaming broker. In affected versions queue deletion via the HTTP API was not verifying the `configure` permission of the user. Users who had all of the following: 1. Valid credenti…
Check whether rabbit_common is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for rabbit_common CVEs against the assets you own.
Start Free Scan →