rabbitmq

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Highly reliable and performant enterprise messaging implementation of AMQP written in Erlang/OTP
Version 3.8.4-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-322 3.6.8-1 3.6.9-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2017-4967 AVG-322 Medium Yes Cross-site scripting
It has been discovered that several forms in the RabbitMQ management UI are vulnerable to XSS attacks.
CVE-2017-4966 AVG-322 Medium No Information disclosure
It has been discovered that the RabbitMQ management UI stores signed- in user credentials in a browser's local storage without expiration, making it...
CVE-2017-4965 AVG-322 Medium Yes Cross-site scripting
It has been discovered that several forms in the RabbitMQ management UI are vulnerable to XSS attacks.