Pivotal Software - Spring Advanced Message Queuing Protocol CVE

Filtered by vendor Pivotal Software Subscribe

Filtered by product Spring Advanced Message Queuing Protocol

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-8045	1 Pivotal Software	1 Spring Advanced Message Queuing Protocol	2017-12-12	7.5 HIGH	9.8 CRITICAL
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being converted into a string. A malicious payload could be crafted to exploit this and enable a remote code execution attack.

Vulnerabilities (CVE)