| Max CVSS | 5.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-0223 | 5.8 |
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer cert
|
22-04-2022 - 20:09 | 23-04-2019 - 16:29 | |
| CVE-2016-4467 | 4.3 |
The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certifica
|
23-04-2019 - 12:29 | 02-05-2017 - 14:59 | |
| CVE-2016-2166 | 5.8 |
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, whic
|
23-04-2019 - 12:29 | 12-04-2016 - 14:59 |