Every CVE whose affected-product data names Apache Qpid Broker-j, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2017-15702 — CVSS 9.8 (critical): In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of…
CVE-2016-4432 — CVSS 9.1 (critical): The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass…
CVE-2017-15701 — CVSS 7.5 (high): In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0…
CVE-2019-0200 — CVSS 7.5 (high): A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an…
CVE-2016-8741 — CVSS 7.5 (high): The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among…
CVE-2018-8030 — CVSS 7.5 (high): A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to…
CVE-2016-3094 — CVSS 5.9 (medium): PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers…
CVE-2018-1298 — CVSS 5.9 (medium): A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP…