Back to CVE List

CVE-2026-57212

Vulnerability Description

RabbitMQ is a messaging and streaming broker. Prior to 3.13.14, 4.0.19, 4.1.10, and 4.2.5, the rabbitmq_management HTTP API accepts oversized valid JSON bodies on with_decode and direct_request paths because read_complete_body checks the accumulated size before the final chunk but not the final combined size. This issue is fixed in versions 3.13.14, 4.0.19, 4.1.10, and 4.2.5.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-770
Source
NVD
Vendor
rabbitmq
Product
rabbitmq-server

External References

Discussion (0)

Add Comment

No comments yet. Be the first!