[
https://issues.apache.org/jira/browse/ATLAS-4809?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sheetal Shah reassigned ATLAS-4809:
-----------------------------------
Assignee: Sheetal Shah
> Atlas - Upgrade amqp-client to 5.18.0+
> ---------------------------------------
>
> Key: ATLAS-4809
> URL: https://issues.apache.org/jira/browse/ATLAS-4809
> Project: Atlas
> Issue Type: Task
> Components: atlas-core
> Affects Versions: 2.3.0
> Reporter: Sheetal Shah
> Assignee: Sheetal Shah
> Priority: Major
>
> Upgrade amqp-client to 5.18.0+
> The RabbitMQ Java client library allows Java and JVM-based applications to
> connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used
> when receiving Message objects. Attackers could send a very large Message
> causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may
> suffer from DoS attacks from RabbitMQ Java client which will ultimately
> exhaust the memory of the consumer. This vulnerability was patched in version
> 5.18.0.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
