USN-7763-1

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/notices/USN-7763-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7763-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-7763-1
Upstream
Related
Published
2025-09-23T17:14:09.650242Z
Modified
2025-09-25T04:49:54.330927Z
Summary
rabbitmq-server vulnerability
Details

It was discovered that RabbitMQ Server incorrectly included authorization headers when logging. A local attacker could possibly use this issue to obtain sensitive information.

References

Affected packages

Ubuntu:25.04 / rabbitmq-server

Package

Name
rabbitmq-server
Purl
pkg:deb/ubuntu/rabbitmq-server@4.0.5-2ubuntu2.1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.0.5-2ubuntu2.1

Affected versions

3.*

3.12.1-1ubuntu2

4.*

4.0.5-2ubuntu1
4.0.5-2ubuntu2

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "rabbitmq-server",
            "binary_version": "4.0.5-2ubuntu2.1"
        }
    ]
}