Vulnerabilities > Vmware > Rabbitmq
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-46118 | Resource Exhaustion vulnerability in VMWare Rabbitmq RabbitMQ is a multi-protocol messaging and streaming broker. | 4.9 |
| 2022-10-06 | CVE-2022-31008 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in VMWare Rabbitmq RabbitMQ is a multi-protocol messaging and streaming broker. | 7.5 |
| 2021-06-28 | CVE-2021-32719 | Cross-site Scripting vulnerability in VMWare Rabbitmq RabbitMQ is a multi-protocol messaging broker. | 4.8 |
| 2021-06-28 | CVE-2021-32718 | Cross-site Scripting vulnerability in VMWare Rabbitmq RabbitMQ is a multi-protocol messaging broker. | 5.4 |
| 2021-06-08 | CVE-2021-22116 | Improper Input Validation vulnerability in multiple products RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. | 7.5 |
| 2021-05-18 | CVE-2021-22117 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Rabbitmq RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient local filesystem permissions to add arbitrary plugins. | 7.8 |
| 2020-08-31 | CVE-2020-5419 | Uncontrolled Search Path Element vulnerability in multiple products RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. | 6.7 |
| 2019-11-23 | CVE-2019-11287 | Use of Externally-Controlled Format String vulnerability in multiple products Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. | 7.5 |
| 2019-11-22 | CVE-2019-11291 | Cross-site Scripting vulnerability in multiple products Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. | 4.8 |
| 2017-06-13 | CVE-2017-4967 | Cross-site Scripting vulnerability in multiple products An issue was discovered in these Pivotal RabbitMQ versions: all 3.4.x versions, all 3.5.x versions, and 3.6.x versions prior to 3.6.9; and these RabbitMQ for PCF versions: all 1.5.x versions, 1.6.x versions prior to 1.6.18, and 1.7.x versions prior to 1.7.15. | 6.1 |