ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Filtered by product Azure Uamqp
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25110 | 1 Microsoft | 1 Azure Uamqp | 2024-11-22 | 9.8 Critical |
| The UAMQP is a general purpose C library for AMQP 1.0. During a call to open_get_offered_capabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule with commit `30865c9c`. There are no known workarounds for this vulnerability. | ||||
| CVE-2024-21646 | 1 Microsoft | 1 Azure Uamqp | 2024-11-21 | 9.8 Critical |
| Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01. | ||||
Page 1 of 1.