Security
| CVE-ID | Severity | Affected versions | Fixed versions | Summary |
|---|---|---|---|---|
| CVE-2016-4467 | Medium | 0.8 through 0.13.0 inclusive | 0.13.1 and later | Failure to verify that the server host name matches the certificate host name on Windows |
| CVE-2016-2166 | Moderate | 0.9 through 0.12.0 inclusive | 0.12.1 and later | Python bindings silently ignore request for amqps if SSL/TLS not supported |
| CVE-2019-0223 | Important | 0.9 through 0.27.0 inclusive | 0.27.1 and later | TLS Man in the Middle Vulnerability |
See the main Security page for general information and details for other components.
Apache Qpid, Messaging built on AMQP; Copyright © 2015 The Apache Software Foundation; Licensed under the Apache License, Version 2.0; Apache Qpid, Qpid, Qpid Proton, Proton, Apache, the Apache feather logo, and the Apache Qpid project logo are trademarks of The Apache Software Foundation; All other marks mentioned may be trademarks or registered trademarks of their respective owners