Sharique Alam
Reputation: 7
RabbitMQ Security Vulnerabilities
We are using rabbitmq 3.6.9 version install on a single linux box. As part of the client security vulnerability check following concerns are raised for rabbitmq server.
Can anyone please guide us on resolving the following vulnerabilities.
- DOM-based Cross Site Scripting Vulnerability (http-client-side-xss)
- jQuery Vulnerability: CVE-2012-6708 (jquery-cve-2012-6708)
- jQuery Vulnerability: CVE-2014-6071 (jquery-cve-2014-6071)
Kindly provide your inputs.
Upvotes: -1
Views: 1463
Answers (1)
Luke Bakken
Reputation: 9627
RabbitMQ 3.6.9 is over two years old!
It makes absolutely no sense to run security checks on old software!
You should be using RabbitMQ 3.8.0 or 3.7.19.
Upvotes: 1
Related Questions
- Vulnerability in RabbitMQ : disable cleartext authentication mechanisms in the amqp configuration
- RabbitMQ - best practice
- RabbitMQ security in mobile app
- rabbitmq-management plugin HTTP API - Security concerns
- Two questions about RabbitMQ
- RabbitMQ - Basic newbie questions
- RabbitMQ - security/authentication
- Problems with RabbitMq Managment
- RabbitMQ real world scenario
- is it safe to allow clients to connect directly to a rabbitmq and consume a queue?