[CVE-2025-32433] - Is RabbitMQ (3.11.28) impacted on this?

[cobasajaxinpho]

Community Support Policy

• I have read RabbitMQ's Community Support Policy

RabbitMQ version used

3.13.7 or older

How is RabbitMQ deployed?

Community Docker image

Steps to reproduce the behavior in question

Hi Hello,
I'm using RabbitMQ version 3.11.28 understand that it's has use Erlang, can i check if this version impacted with CVE-2025-32433([https://arcticwolf.com/resources/blog/cve-2025-32433])?

[michaelklishin]

Duplicate of #13776 asked some 14 hours ago.

RabbitMQ does not use SSH in any way.

Even then, our Erlang packages (both RPM and Debian) have been updated to provide 27.3.3, 26.2.5.11, and even 25.3.2.20 last week.

[michaelklishin]

@cobasajaxinpho FYI, RabbitMQ 3.11 has reached a complete end of life, so don't expect any more patch releases.

Everything older than 4.1.0 is out of community support 3.11.x and pretty soon 3.12.x will be out of any kind of support, paid or not, security-related or not.

It's time to upgrade (3.11.latest to 3.12.latest then to 3.13.7 then to 4.1.0, following the docs instructions every step of the way).