CVE-2021-22095 is a vulnerability in VMware Spring Advanced Message Queuing Protocol
Published on November 30, 2021
In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString() method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message.
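The pattern described above, as an added Java example that is not Spring AMQP's own code: `unboundedToString` copies the whole body into a new String, while `boundedToString` renders only a capped preview plus the real length. The class name, method names and the 50-byte limit are assumptions made for this illustration.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

// Hypothetical stand-in for a message wrapper; not Spring AMQP's Message class.
public class BoundedBodyToString {

    // Assumed limit for this example: body bytes rendered into log/debug output.
    static final int MAX_BODY_PREVIEW = 50;

    // Pattern from the description: the entire body is decoded into a new String,
    // so heap use grows with the size of whatever the peer sent.
    static String unboundedToString(byte[] body) {
        return "(Body:'" + new String(body, StandardCharsets.UTF_8) + "')";
    }

    // Hardened form: decode at most MAX_BODY_PREVIEW bytes and report the true
    // length, so the cost of toString() no longer depends on the body size.
    // Cutting at a byte boundary may split a multi-byte UTF-8 character; the
    // decoder then emits a replacement character, which is acceptable for logs.
    static String boundedToString(byte[] body) {
        if (body == null) {
            return "(Body:null)";
        }
        int shown = Math.min(body.length, MAX_BODY_PREVIEW);
        String preview = new String(body, 0, shown, StandardCharsets.UTF_8);
        String suffix = shown < body.length ? "..." : "";
        return "(Body:'" + preview + suffix + "' length=" + body.length + ")";
    }

    public static void main(String[] args) {
        // Constructed sample input: an 8 MiB body filled with 'A'.
        byte[] large = new byte[8 * 1024 * 1024];
        Arrays.fill(large, (byte) 'A');

        // Allocates a String proportional to the body, plus concatenation copies.
        System.out.println("unbounded chars: " + unboundedToString(large).length());

        // Allocates a small, fixed-size String regardless of the body size.
        System.out.println("bounded: " + boundedToString(large));
    }
}
```

Because toString() is commonly reached implicitly through logging and exception messages, a size cap of this kind needs to live in the method itself rather than at each call site.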
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2021-22095 has been classified as a Marshaling, Unmarshaling vulnerability or weakness.
Products Associated with CVE-2021-22095
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.