Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/com.rabbitmq/amqp-client@3.6.2

Type maven

Namespace com.rabbitmq

Name amqp-client

Version 3.6.2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 5.18.0

Latest_non_vulnerable_version 5.18.0

Affected_by_vulnerabilities

url VCID-kqmm-ejz4-73f9

vulnerability_id VCID-kqmm-ejz4-73f9

summary The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-46120

reference_id

reference_type

scores

value	0.01095
scoring_system	epss
scoring_elements	0.78396
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-46120

reference_url

https://github.com/rabbitmq/rabbitmq-java-client

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rabbitmq/rabbitmq-java-client

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-46120

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-46120

reference_url

https://github.com/rabbitmq/rabbitmq-java-client/issues/1062

reference_id

1062

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:10:31Z/

url

https://github.com/rabbitmq/rabbitmq-java-client/issues/1062

reference_url

https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8

reference_id

714aae602dcae6cb4b53cadf009323ebac313cc8

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:10:31Z/

url

https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8

reference_url

https://github.com/advisories/GHSA-mm8h-8587-p46h

reference_id

GHSA-mm8h-8587-p46h

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mm8h-8587-p46h

reference_url

https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h

reference_id

GHSA-mm8h-8587-p46h

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:10:31Z/

url

https://github.com/rabbitmq/rabbitmq-java-client/security/advisories/GHSA-mm8h-8587-p46h

reference_url

https://github.com/rabbitmq/rabbitmq-java-client/releases/tag/v5.18.0

reference_id

v5.18.0

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-11T13:10:31Z/

url

https://github.com/rabbitmq/rabbitmq-java-client/releases/tag/v5.18.0

fixed_packages

url	pkg:maven/com.rabbitmq/amqp-client@5.18.0
purl	pkg:maven/com.rabbitmq/amqp-client@5.18.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/com.rabbitmq/amqp-client@5.18.0

aliases CVE-2023-46120, GHSA-mm8h-8587-p46h

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kqmm-ejz4-73f9

url VCID-rurz-a5jg-x7a1

vulnerability_id VCID-rurz-a5jg-x7a1

summary

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-11087

reference_id

reference_type

scores

value	0.00552
scoring_system	epss
scoring_elements	0.6847
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-11087

reference_url	https://github.com/spring-projects/spring-amqp/commit/444b74e95bb299af5e23ebf006fbb45d574fb95
reference_id
reference_type
scores
url	https://github.com/spring-projects/spring-amqp/commit/444b74e95bb299af5e23ebf006fbb45d574fb95

reference_url	https://github.com/spring-projects/spring-amqp/commit/aff4d0aefcdb99726fd739abf3b9bb96df97b0f
reference_id
reference_type
scores
url	https://github.com/spring-projects/spring-amqp/commit/aff4d0aefcdb99726fd739abf3b9bb96df97b0f

reference_url	https://github.com/spring-projects/spring-amqp/commit/d64e7fa3993dac577c0973e0caf8c31d27ef5e4
reference_id
reference_type
scores
url	https://github.com/spring-projects/spring-amqp/commit/d64e7fa3993dac577c0973e0caf8c31d27ef5e4

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-11087

reference_id

CVE-2018-11087

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-11087

reference_url

https://pivotal.io/security/cve-2018-11087

reference_id

CVE-2018-11087

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://pivotal.io/security/cve-2018-11087

reference_url

https://github.com/advisories/GHSA-w4g2-9hj6-5472

reference_id

GHSA-w4g2-9hj6-5472

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-w4g2-9hj6-5472

fixed_packages

url pkg:maven/com.rabbitmq/amqp-client@4.8.0

purl pkg:maven/com.rabbitmq/amqp-client@4.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kqmm-ejz4-73f9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.rabbitmq/amqp-client@4.8.0

url pkg:maven/com.rabbitmq/amqp-client@5.4.0

purl pkg:maven/com.rabbitmq/amqp-client@5.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-kqmm-ejz4-73f9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.rabbitmq/amqp-client@5.4.0

aliases CVE-2018-11087, GHSA-w4g2-9hj6-5472

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rurz-a5jg-x7a1

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/com.rabbitmq/amqp-client@3.6.2

Package Instance