cvedb.io
CVE-2017-15701
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-12-01T15:29:00.213 · Last modified 2026-06-17T01:08:07.353

Summary

In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected.

Affected products

apache — qpid_broker-j

Does this affect you?

Add your gear to cvedb and we'll alert you only when apache ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.