Latest redhat jboss a-mq Vulnerabilities

CVE-2023-44487
- Rapid Reset HTTP/2 vulnerability
Microsoft Windows 11=21H2
Microsoft Windows 11=21H2
Microsoft Windows Server 2022
Microsoft Windows Server 2022
Microsoft Windows 11=22H2
Microsoft Windows 11=22H2
and 556 more
CVE-2023-4066
Red hat amq broker operator: passwords defined in secrets shown in statefulset yaml
Redhat Jboss A-mq=7
Redhat Jboss Middleware=1
Redhat Openshift Container Platform=4.11
Redhat Openshift Container Platform=4.12
Redhat Enterprise Linux=8.0
CVE-2023-4065
Red hat amq broker operator: plaintext password in operator log
Redhat Jboss A-mq=7
Redhat Jboss Middleware=1
Redhat Openshift Container Platform=4.11
Redhat Openshift Container Platform=4.12
Redhat Enterprise Linux=8.0
redhat/Red Hat AMQ Broker<7.11.1.
CVE-2023-1664
## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5cc8-pgp5-7mpm. This link is maintained to preserve external references. ## Original Advisory A flaw was found...
Redhat Keycloak
Redhat Single Sign-on=7.0
Redhat Build Of Quarkus
Redhat Jboss A-mq=7
Redhat Migration Toolkit For Runtimes
redhat/rh-sso7-keycloak<0:18.0.8-1.redhat_00001.1.el7
and 4 more
CVE-2022-1278
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
Redhat Wildfly<27.0.0
Redhat Amq=2.0
Redhat Amq Online
Redhat Integration Camel K
Redhat Integration Service Registry
Redhat Jboss A-mq=7
and 2 more
CVE-2021-4104
Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2
redhat/log4j<0:1.2.14-6.5.el6_10
redhat/log4j<0:1.2.17-17.el7_4
redhat/log4j<0:1.2.17-16.el7_3
redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6
redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6
redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6
and 219 more
CVE-2021-3536
A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affe...
redhat/Wildfly<23.0.2.
redhat/eap7-elytron-web<0:1.6.3-1.Final_redhat_00001.1.el6ea
redhat/eap7-hal-console<0:3.2.15-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.20-3.SP1_redhat_00001.1.el6ea
redhat/eap7-infinispan<0:9.4.23-1.Final_redhat_00001.1.el6ea
redhat/eap7-ironjacamar<0:1.4.33-1.Final_redhat_00001.1.el6ea
and 45 more
CVE-2021-3425
A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shi...
Redhat Jboss A-mq=7
CVE-2020-14379
A flaw was found in AMQ Broker in a way that a XEE attack can used in Broker's configuration files, leading to DoS and information disclosure.
Redhat Jboss A-mq=7
CVE-2015-7559
Apache ActiveMQ client is vulnerable to a denial of service, caused by a remote shutdown command in the ActiveMQConnection class. By sending a specific command, a remote authenticated attacker could e...
IBM Security Directory Suite VA<=8.0.1-8.0.1.19
Apache ActiveMQ<5.14.5
Apache ActiveMQ>=5.15.0<5.15.5
Redhat Jboss A-mq=6.2.1
Redhat Jboss A-mq=6.3
Redhat Jboss Fuse=6.3
and 1 more
CVE-2016-8648
It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute r...
Redhat Jboss A-mq=6.0.0
Redhat Jboss Fuse=6.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203