org.apache.activemq:artemis-core-client@2.8.0 vulnerabilities
-
latest version
2.33.0
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
2 months ago
-
licenses detected
- [1.0.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.activemq:artemis-core-client package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.apache.activemq:artemis-core-client is a High-performance, non-blocking architecture for the next generation of event-driven messaging applications. Affected versions of this package are vulnerable to Denial of Service (DoS) via a crafted message sent to a Java process running an Artemis Broker. This can result in an Out-Of-Memory crash. ###PoC
NOTE: This vulnerability has also been identified as: CVE-2021-4040 How to fix Denial of Service (DoS)? Upgrade |
[,2.19.1)
|
org.apache.activemq:artemis-core-client is a High-performance, non-blocking architecture for the next generation of event-driven messaging applications. Affected versions of this package are vulnerable to Denial of Service (DoS) via a crafted message sent to a Java process running an Artemis Broker. This can result in an Out-Of-Memory crash. ###PoC
NOTE: This vulnerability has also been identified as: CVE-2022-23913 How to fix Denial of Service (DoS)? Upgrade |
[,2.19.1)
|
org.apache.activemq:artemis-core-client is a High-performance, non-blocking architecture for the next generation of event-driven messaging applications. Affected versions of this package are vulnerable to Incorrect Default Permissions. A flaw was found in ActiveMQ Artemis management API where a user inadvertently stores passwords in plaintext in the Artemis shadow file ( How to fix Incorrect Default Permissions? Upgrade |
[2.7.0,2.12.0)
|