Lucene search

K

CVE-2023-46604

🗓️ 27 Oct 2023 15:14:15Reported by apacheType 
cve
 cve
🔗 web.nvd.nist.gov👁 525 Views🌐 45 Media mentions

Java OpenWire protocol marshaller vulnerability, allows remote code execution by manipulating serialized class type

Show more
Related
Detection
Affected
Refs
Social
Nvd
Vulners
[
  {
    "collectionURL": "https://repo.maven.apache.org/maven2",
    "defaultStatus": "unaffected",
    "packageName": "org.apache.activemq:activemq-client",
    "product": "Apache ActiveMQ",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "5.18.3",
        "status": "affected",
        "version": "5.18.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.17.6",
        "status": "affected",
        "version": "5.17.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.16.7",
        "status": "affected",
        "version": "5.16.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.15.16",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "collectionURL": "https://repo.maven.apache.org/maven2",
    "defaultStatus": "unaffected",
    "packageName": "org.apache.activemq:activemq-openwire-legacy",
    "product": "Apache ActiveMQ Legacy OpenWire Module",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThan": "5.18.3",
        "status": "affected",
        "version": "5.18.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.17.6",
        "status": "affected",
        "version": "5.17.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.16.7",
        "status": "affected",
        "version": "5.16.0",
        "versionType": "semver"
      },
      {
        "lessThan": "5.15.16",
        "status": "affected",
        "version": "5.8.0",
        "versionType": "semver"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo