RabbitMQ is not affected by CVE-2025-32433 (an Erlang/OTP CVE)
RabbitMQ is not affected by CVE-2025-32433 (an Erlang SSH library CVE)
RabbitMQ is not affected by CVE-2025-32433, a vulnerability in the Erlang's SSH library. RabbitMQ does not use SSH, neither the server nor the client parts.
Patched Erlang Releases
Our team did update our RPM repositories and Debian repositories to include Erlang 27.3.3
, 26.2.5.11
and 25.3.2.20
, the versions that contain a vulnerability patch.
For aarch64 (64-bit ARM) RPM packages, see rabbitmq/erlang-rpm
.
RabbitMQ Community Docker Image
RabbitMQ community Docker image was also upgraded to Erlang 27.3.3
and 26.2.5.11
last week..com/docker-library/rabbitmq)
was also upgraded to Erlang 27.3.3
and 26.2.5.11
last week.