Vulnerabilities > Apache > Qpid > 0.30

DATE CVE VULNERABILITY TITLE RISK
2018-02-21 CVE-2015-0203 Data Processing Errors vulnerability in Apache Qpid
The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3) a session-gap control before a corresponding session-attach.
network
low complexity
apache CWE-19
4.0
4.0
2017-10-30 CVE-2015-0224 Data Processing Errors vulnerability in Apache Qpid
qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set.
network
low complexity
apache CWE-19
7.5
7.5
2015-02-02 CVE-2015-0223 Permissions, Privileges, and Access Controls vulnerability in Apache Qpid
Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.
network
low complexity
apache CWE-264
5.0
5.0
2014-11-17 CVE-2014-3629 Data Processing Errors vulnerability in Apache Qpid 0.30
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.
network
apache CWE-19
4.3
4.3