VDB
CVE-2015-0203
CVE-2015-0203
PUBLISHED
The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3) a session-gap control before a corresponding session-attach.
EPSS 16.99% · 95.1th percentile
Risk Scores
EPSS Score
16.99%
95.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | qpid-cpp | 0, 0.16-9ubuntu1, 0.16-9ubuntu2 |
Timeline
- Feb 21, 2018 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 22, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jun 2, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2015-0203 third-party-advisory
- https://issues.apache.org/jira/browse/QPID-6310 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2015-0203 third-party-advisory