CVE-2024-25110

CVSS V2 None CVSS V3 None
Description
The UAMQP is a general purpose C library for AMQP 1.0. During a call to open_get_offered_capabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule with commit `30865c9c`. There are no known workarounds for this vulnerability.
Overview
  • CVE ID
  • CVE-2024-25110
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-02-12T19:58:36.362Z
  • Last Modified Date
  • 2024-02-12T19:58:36.362Z
History
Created Old Value New Value Data Type Notes
2024-06-26 12:13:13 Added to TrackCVE