Vulnerabilities > Pivotal Software > Spring Advanced Message Queuing Protocol > 1.5.3

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-14	CVE-2018-11087	Improper Certificate Validation vulnerability in multiple products Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. network high complexity pivotal-software vmware CWE-295	5.9
2017-11-27	CVE-2017-8045	Deserialization of Untrusted Data vulnerability in Pivotal Software Spring Advanced Message Queuing Protocol In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. network low complexity pivotal-software CWE-502 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.