GHSA-3wfj-vh84-732p

Опубликовано: 14 мая 2022

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

Improper Neutralization of Special Elements used in an OS Command in Apache ActiveMQ

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.

Ссылки

Пакеты

Наименование

org.apache.activemq:activemq-client

maven

Затронутые версииВерсия исправления

< 5.11.0

5.11.0

EPSS

Процентиль: 93%

0.11345

Средний

7.5 High

CVSS3

CVE ID

CVE-2014-3576

Дефекты

CWE-78

Связанные уязвимости

CVE-2014-3576

CVSS3: 7.5

ubuntu

больше 10 лет назад

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.

CVE-2014-3576

redhat

больше 10 лет назад

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.

CVE-2014-3576

CVSS3: 7.5

nvd

больше 10 лет назад

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.

CVE-2014-3576

CVSS3: 7.5

debian

больше 10 лет назад

The processControlCommand function in broker/TransportConnection.java ...

EPSS

Процентиль: 93%

0.11345

Средний

7.5 High

CVSS3

CVE ID

CVE-2014-3576

Дефекты

CWE-78