← back
CVE-2023-35789

CVE-2023-35789

EPSS 0.2%
An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/alanxz/rabbitmq-c/issues/575https://github.com/alanxz/rabbitmq-c/pull/781https://lists.debian.org/debian-lts-announce/2025/03/msg00022.html