CVE-2024-21646
CVSS V2 None
CVSS V3 None
Description
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01.
Overview
- CVE ID
- CVE-2024-21646
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-01-09T00:04:53.587Z
- Last Modified Date
- 2024-01-09T00:04:53.587Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv | x_refsource_CONFIRM |
https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe | x_refsource_MISC |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-21646 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21646 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-26 15:25:00 | Added to TrackCVE |