Vulnerabilities > Apache > Qpid Broker J > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-06 | CVE-2019-0200 | Unspecified vulnerability in Apache Qpid Broker-J A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). | 7.5 |
| 2018-06-20 | CVE-2018-8030 | Improper Input Validation vulnerability in Apache Qpid Broker-J A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). | 7.5 |
| 2017-12-01 | CVE-2017-15701 | Resource Exhaustion vulnerability in Apache Qpid Broker-J In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. | 7.5 |
| 2017-05-15 | CVE-2016-8741 | Information Exposure vulnerability in Apache Qpid Broker-J The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. | 7.5 |