Apache Software Foundation Qpid 0.30

CPE Details

Apache Software Foundation Qpid 0.30
apache
qpid
0.30
2014-11-17
18h34 +00:00
2014-11-19
13h06 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:apache:qpid:0.30:*:*:*:*:*:*:*

Informations

Vendor

apache

Product

qpid

Version

0.30

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-0203 2018-02-21 14h00 +00:00 The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3) a session-gap control before a corresponding session-attach.
6.5
Medium
CVE-2015-0224 2017-10-30 13h00 +00:00 qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0203.
7.5
High
CVE-2015-0223 2015-02-02 15h00 +00:00 Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling.
5
CVE-2014-3629 2014-11-17 15h00 +00:00 XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.
4.3