CVE-2016-2173
org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code.
| Software | From | Fixed in |
|---|---|---|
| fedoraproject / fedora | 22 | 22.x |
| fedoraproject / fedora | 24 | 24.x |
| fedoraproject / fedora | 23 | 23.x |
| vmware / spring_advanced_message_queuing_protocol | - | 1.5.5 |
org.springframework.amqp / spring-amqp
|
- | 1.5.5 |
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182551.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182850.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182959.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1326205
- https://pivotal.io/security/cve-2016-2173
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime