pkg:Bitnami/rabbitmq

All known vulnerabilities

• HIGH7.8CVE-2021-22117RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with suff…
  >= 3.8.0, < 3.8.16
• HIGH7.5CVE-2022-31008Predictable credential obfuscation seed value used in rabbitmq-server
  from 0, < 3.8.32
• HIGH7.5CVE-2021-22116RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client co…
  from 0, < 3.8.16
• MEDIUM6.7CVE-2020-5419RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary cod…
  >= 3.8.0, < 3.8.7
• MEDIUM6.5CVE-2024-51988RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission
  >= 3.12.7, < 3.12.11
• MEDIUM6.1CVE-2025-30219RabbitMQ has XSS Vulnerability in an Error Message in Management UI
  from 0, < 4.0.3
• MEDIUM5.5CVE-2025-50200RabbitMQ Node can log Basic Auth header from an HTTP request
  from 0, < 4.0.8
• MEDIUM5.4CVE-2021-32718Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in RabbitMQ management UI
  from 0, < 3.8.17
• MEDIUM4.9CVE-2023-46118Denial of Service by publishing large messages over the HTTP API
  from 0, < 3.11.24, >= 3.12.0, < 3.12.7
• MEDIUM4.8CVE-2021-32719Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in RabbitMQ federation management plugin
  from 0, < 3.8.18
• —CVE-2026-44838RabbitMQ MQTT Topic Permission Authorization Bypass
  >= 4.2.0, < 4.2.4