XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApache Activemq
APPApache5.0.05.1.05.10.05.2.05.3.05.3.15.3.25.4.05.4.15.4.25.4.35.5.05.5.15.6.05.7.0+ 3 więcej
Powiązane podatności
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a ...
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and exec...
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to ...
Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may a...
Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which al...