Skip to main content

Qpid Proton

2 CVEs product

Monthly

CVE-2016-4467 MEDIUM This Month

The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Apache Information Disclosure Qpid Proton
NVD
CVSS 3.0
5.9
EPSS
0.4%
CVE-2016-2166 Maven MEDIUM PATCH This Month

The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Apache Qpid Proton Fedora
NVD
CVSS 3.0
6.5
EPSS
0.3%
EPSS 0% CVSS 5.9
MEDIUM This Month

The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Apache Information Disclosure +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Apache Qpid Proton +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy