Vulnerability in Apache Qpid
CVE-2012-4458
The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-o…
EPSS: 0.025 (85.6th percentile) — read the EPSS interpretation.
Affected products
- Apache Qpid — versions 0.5, 0.6, 0.7
- N/a — versions n/a
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_MISC)
- secalert@redhat.com (x_refsource_CONFIRM)
- RHSA-2013:0561 (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM)
- RHSA-2013:0562 (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Patch)
- 52516 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)