6.2.7
18 years ago
9 days ago
Known vulnerabilities in the org.apache.activemq:activemq-all package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size via the How to fix Incorrect Calculation of Buffer Size? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to External Control of System or Configuration Setting in the How to fix External Control of System or Configuration Setting? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the How to fix Memory Allocation with Excessive Size Value? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the unmarshalling process of OpenWire message property maps without proper size validation. An attacker can exhaust system memory and cause a broker crash by sending a crafted message with a large encoded size value. How to fix Memory Allocation with Excessive Size Value? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Missing Authorization in the process that manages temporary destinations. An attacker can gain unauthorized access to consume messages from another user's temporary destination by establishing a separate connection and bypassing client-side isolation checks. How to fix Missing Authorization? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the How to fix Allocation of Resources Without Limits or Throttling? Upgrade | [5.19.7,5.19.8)[6.2.6,6.2.7) |
org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the How to fix Memory Allocation with Excessive Size Value? Upgrade | [,5.19.8)[6.0.0,6.2.7) |