CVE-2014-9650 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-9650 Interim 1 5 2022-09-19T00:17:16Z current 2021-05-30T13:24:57Z 2022-09-19T00:17:16Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-9650 CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to api/definitions. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Cloud 5 rabbitmq-server rabbitmq-server as a component of SUSE Cloud 5 CRLF injection vulnerability in the management plugin in RabbitMQ 2.1.0 through 3.4.x before 3.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the download parameter to api/definitions. CVE-2014-9650 SUSE Cloud 5:rabbitmq-server moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N