CVE-2017-8045
27.11.2017, 10:29
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.Enginsight
Vendor | Product | Version |
---|---|---|
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.0 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.0:m1 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.0:rc1 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.1 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.2 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.3 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.4 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.5 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.5.6 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.0 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.0:m1 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.0:m2 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.0:rc1 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.1 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.2 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.3 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.4 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.5 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.6 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.7 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.8 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.9 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.6.10 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.7.0 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.7.1 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.7.2 |
pivotal_software | spring_advanced_message_queuing_protocol | 1.7.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration