Vulnerabilities > Pivotal Software > Spring Advanced Message Queuing Protocol > 1.6.10

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-14	CVE-2018-11087	Improper Certificate Validation vulnerability in Pivotal Software Rabbitmq and Spring Advanced Message Queuing Protocol Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. network pivotal-software CWE-295	4.3
2017-11-27	CVE-2017-8045	Deserialization of Untrusted Data vulnerability in Pivotal Software Spring Advanced Message Queuing Protocol In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. network low complexity pivotal-software CWE-502	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.