activemq:activemq-core@1.1-G1M3 vulnerabilities

  • latest version

    3.2.4

  • first published

    19 years ago

  • latest version published

    18 years ago

  • licenses detected

  • package manager

Direct Vulnerabilities

Known vulnerabilities in the activemq:activemq-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-site Scripting (XSS)

activemq:activemq-core is a core package for ActiveMQ Message Broker and Client implementations.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The vulnerability exists in scheduled.jsp in ActiveMQ that allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."

How to fix Cross-site Scripting (XSS)?

There is no fixed version for activemq:activemq-core.

[0,)
  • M
Denial of Service (DoS)

activemq:activemq-core is a core package for ActiveMQ Message Broker and Client implementations.

Affected versions of this package are vulnerable to Denial of Service (DoS). (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.

How to fix Denial of Service (DoS)?

There is no fixed version for activemq:activemq-core.

[0,)