CVE-2019-0200
First published: Wed Mar 06 2019(Updated: )
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated attacker to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, 0-91 and 0-10). Users of Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 utilizing AMQP protocols 0-8, 0-9, 0-91, 0-10 must upgrade to Qpid Broker-J versions 7.0.7 or 7.1.1 or later.
Credit: security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Qpid Broker-J | >=6.0.0<=7.0.6 | |
| Apache Qpid Broker-J | =7.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/author
- agent/event
- agent/description
- agent/first-publish-date
- vendor/apache
- canonical/apache qpid broker-j
- version/apache qpid broker-j/6.0.0
- version/apache qpid broker-j/7.0.6
- version/apache qpid broker-j/7.1.0