Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2020-27217
HistoryNov 13, 2020 - 8:15 p.m.

CVE-2020-27217

2020-11-1320:15:16
Google
osv.dev
3

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.4%

JSON

In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link establishment. While the AMQP 1.0 protocol explicitly disallows a peer to send such messages, a hand crafted AMQP 1.0 client could exploit this behavior in order to send a message of unlimited size to the adapter, eventually causing the adapter to fail with an out of memory exception.

CPENameOperatorVersion
honoeq0.5-M2
honoeq1.0-M6
honoeq1.2.0
honoeq1.0-M1
honoeq1.0-M3
honoeq1.0-M7
honoeq0.8-M1
honoeq1.0-M4
honoeq0.8-M2
honoeq0.9-M2
Rows per page:
1-10 of 411

Related

cve 1
github 1
osv 1
cvelist 1
nvd 1
prion 1
cve
cve
CVE-2020-27217
2020-11-13 20:15:16
github
github
Improper Validation of Specified Quantity in Input in Eclipse Hono
2022-02-10 20:22:06
osv
osv
Improper Validation of Specified Quantity in Input in Eclipse Hono
2022-02-10 20:22:06
cvelist
cvelist
CVE-2020-27217
2020-11-13 19:30:16
nvd
nvd
CVE-2020-27217
2020-11-13 20:15:16
prion
prion
Design/Logic Flaw
2020-11-13 20:15:00

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.4%

JSON
Related for OSV:CVE-2020-27217
cve1github1osv1cvelist1nvd1prion1