Описание
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qpid-java | itp | package |
EPSS
Процентиль: 84%
0.02276
Низкий
Связанные уязвимости
CVSS3: 7.5
nvd
около 8 лет назад
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected.
CVSS3: 7.5
github
больше 7 лет назад
Apache Qpid Broker-J vulnerable to Denial of Service (DoS) via uncontrolled resource consumption
EPSS
Процентиль: 84%
0.02276
Низкий