Vulnerabilities > Pivotal Software > Spring Advanced Message Queuing Protocol > High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-11-27	CVE-2017-8045	Deserialization of Untrusted Data vulnerability in Pivotal Software Spring Advanced Message Queuing Protocol In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. network low complexity pivotal-software CWE-502	7.5
2017-04-21	CVE-2016-2173	Improper Input Validation vulnerability in multiple products org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code. network low complexity fedoraproject pivotal-software vmware CWE-20	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.