Описание
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| JBoss Developer Studio 11 | activemq | Out of support scope | ||
| Red Hat Decision Manager 7 | activemq-artemis | Not affected | ||
| Red Hat Fuse 7 | activemq | Will not fix | ||
| Red Hat JBoss A-MQ 6 | activemq | Out of support scope | ||
| Red Hat JBoss Data Grid 7 | activemq-artemis | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 7 | activemq-artemis | Not affected | ||
| Red Hat JBoss Fuse 6 | activemq | Out of support scope | ||
| Red Hat JBoss Fuse Service Works 6 | activemq | Out of support scope | ||
| Red Hat Process Automation 7 | activemq-artemis | Not affected | ||
| Red Hat Single Sign-On 7 | activemq-artemis | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1696012activemq: Corrupt MQTT frame can cause broker shutdown
5.9 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.5
ubuntu
почти 7 лет назад
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
CVSS3: 7.5
nvd
почти 7 лет назад
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
CVSS3: 7.5
debian
почти 7 лет назад
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame ca ...
CVSS3: 7.5
github
почти 7 лет назад
Improper Control of Generation of Code ('Code Injection') in org.apache.activemq:activemq-client
CVSS3: 7.5
fstec
почти 6 лет назад
Уязвимость реализации протокола MQTT программной платформы Apache ActiveMQ, позволяющая нарушителю вызвать отказ в обслуживании
5.9 Medium
CVSS3