INFSA-2023:6482: librabbitmq security update
Information about definition
Identificator: INFSA-2023:6482
Type: security
Release date: 2025-03-05 17:30:05 UTC
Information about package
The librabbitmq packages provide an Advanced Message Queuing Protocol (AMQP) client library that allows you to communicate with AMQP servers using protocol version 0-9-1.
Vulnerabilities description
- CVE-2023-35789
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-35789
|
no information | 5.1 | no information |
Updated packages