CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to api/definitions.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: canonical
Published: 2015-01-27T17:00:00
Updated: 2024-08-06T13:47:41.815Z
Reserved: 2015-01-27T00:00:00
Link: CVE-2014-9650
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-01-27T20:03:15.080
Modified: 2024-11-21T02:21:20.307
Link: CVE-2014-9650
Redhat