Sheetal Shah created ATLAS-4809:
-----------------------------------
Summary: Atlas - Upgrade amqp-client to 5.18.0+
Key: ATLAS-4809
URL: https://issues.apache.org/jira/browse/ATLAS-4809
Project: Atlas
Issue Type: Task
Components: atlas-core
Affects Versions: 2.3.0
Reporter: Sheetal Shah
Upgrade amqp-client to 5.18.0+
The RabbitMQ Java client library allows Java and JVM-based applications to
connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when
receiving Message objects. Attackers could send a very large Message causing a
memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from
DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory
of the consumer. This vulnerability was patched in version 5.18.0.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
