Описание
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.
Отчет
Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | qpid-cpp | Affected | ||
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 | qpid-cpp | Under investigation | ||
| Red Hat Enterprise MRG 2 | qpid-cpp | Affected | ||
| Red Hat Enterprise MRG 3 | qpid-cpp | Under investigation | ||
| Red Hat Satellite 6 | qpid-cpp | Under investigation |
Показывать по
Дополнительная информация
Статус:
EPSS
3.5 Low
CVSS2
Связанные уязвимости
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.
XML external entity (XXE) vulnerability in the XML Exchange module in ...
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.
EPSS
3.5 Low
CVSS2