Описание
Withdrawn Advisory: Improper Restriction of XML External Entity Reference in Apache ActiveMQ
Withdrawn Advisory
This advisory has been withdrawn because further investgation revealed that this is not a security issue. This link is maintained to preserve external references.
Original Description
XML external entity (XXE) vulnerability in the XPath selector component in Artemis ActiveMQ before commit 48d9951d879e0c8cbb59d4b64ab59d53ef88310d allows remote attackers to have unspecified impact via unknown vectors.
Пакеты
org.apache.activemq:activemq-client
<= 2.23.0
2.23.1
Связанные уязвимости
An XML External Entity (XXE) Injection vulnerability was reported in the XPath component of HornetQ.
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.