Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia: 2021-0390 Critical: RabbitMQ Server Denial Of Service Issues

mageia
Calendar Grey August 6, 2021
Dist Mageia Esm H88
New rabbitmq-server updates address vulnerabilities related to service interruptions and JavaScript execution problems for Mageia 8 clientele.
Updated rabbitmq-server packages fix security vulnerabilities: RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validatio...

Summary

Updated rabbitmq-server packages fix security vulnerabilities:
RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugin enabled (CVE-2021-22116).
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.17, a new user being added via management UI could lead to the user's bane being rendered in a confirmation message without proper "

Lowest
Low
Medium
High
Critical

Publication date: 06 Aug 2021
URL: https://advisories.mageia.org/MGASA-2021-0390.html
Type: security
CVE: CVE-2021-22116, CVE-2021-32718, CVE-2021-32719

Topics%20covered

Topics Covered

security advisory denial of service software update security fix RabbitMQ Mageia JavaScript execution

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here