activemq:activemq-core@3.1_javadoc vulnerabilities

latest version

3.2.4

first published

19 years ago

latest version published

18 years ago

licenses detected

Unknown
[1.1-G1M3,)

package manager

View on Maven Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the activemq:activemq-core package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS) activemq:activemq-core is a core package for ActiveMQ Message Broker and Client implementations. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The vulnerability exists in `scheduled.jsp` in ActiveMQ that allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message." How to fix Cross-site Scripting (XSS)? There is no fixed version for `activemq:activemq-core`.	[0,)
M Denial of Service (DoS) activemq:activemq-core is a core package for ActiveMQ Message Broker and Client implementations. Affected versions of this package are vulnerable to Denial of Service (DoS). (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests. How to fix Denial of Service (DoS)? There is no fixed version for `activemq:activemq-core`.	[0,)

Cross-site Scripting (XSS)

activemq:activemq-core is a core package for ActiveMQ Message Broker and Client implementations.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The vulnerability exists in scheduled.jsp in ActiveMQ that allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."

How to fix Cross-site Scripting (XSS)?

There is no fixed version for activemq:activemq-core.

[0,)

Denial of Service (DoS)

activemq:activemq-core is a core package for ActiveMQ Message Broker and Client implementations.

Affected versions of this package are vulnerable to Denial of Service (DoS). (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.

How to fix Denial of Service (DoS)?

There is no fixed version for activemq:activemq-core.

[0,)

Go back to all versions of this package