6 matches found
Security Bulletin: IBM Spectrum Control is vulnerable to weaknesses related to activemq-core (CVE-2014-3600, CVE-2013-1879, CVE-2015-6524, CVE-2011-4905)
Summary XML external entity XXE, cross-site scripting XSS, brute force attack, denial of service vulnerabilities in activemq-core may affect IBM Spectrum Control. CVE-2014-3600, CVE-2013-1879, CVE-2015-6524, CVE-2011-4905. Vulnerability Details CVEID:CVE-2014-3600 DESCRIPTION: XML external entity...
cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.message:cloud-altemistafwk-core-message-active-conf (>=3.0.0.RELEASE <=3.1.0.RELEASE) +367 more potentially affected by CVE-2011-4905 via org.apache.activemq:activemq-core (>=4.1.1 <=5.5.1)
org.apache.activemq:activemq-core MAVEN version =4.1.1, =3.0.0.RELEASE, =1.0.0.1, =1.2.29, =1.3, =1.0.0, =1.0.0, =1.0.1, =1.4.1, =25.0.10, =28.0.0 - com.ning:metrics.realtime-core =1.1.0 - com.tacitknowledge:simulator-core =1.1 and more Source cves: CVE-2011-4905 Source advisory:...
cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.message:cloud-altemistafwk-core-message-active-conf (>=3.0.0.RELEASE <=3.1.0.RELEASE) +706 more potentially affected by CVE-2012-6092 via org.apache.activemq:activemq-core (>=4.1.1 <=5.7.0)
org.apache.activemq:activemq-core MAVEN version =4.1.1, =3.0.0.RELEASE, =1.0, =1.0.0, =1.0.0, =0.4.2, =0.4.2, =0.4.2, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.2.1 and more Source cves: CVE-2012-6092 Source advisory: OSV:GHSA-RP9P-863F-9C4H...
cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.message:cloud-altemistafwk-core-message-active-conf (>=3.0.0.RELEASE <=3.1.0.RELEASE) +706 more potentially affected by CVE-2013-1880 via org.apache.activemq:activemq-core (>=4.1.1 <=5.7.0)
org.apache.activemq:activemq-core MAVEN version =4.1.1, =3.0.0.RELEASE, =1.0, =1.0.0, =1.0.0, =0.4.2, =0.4.2, =0.4.2, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.2.1 and more Source cves: CVE-2013-1880 Source advisory: OSV:GHSA-C9GX-27HQ-WCVJ...
GHSA-V3XW-C963-F5HC jackson-databind mishandles the interaction between serialization gadgets and typing
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...
UBUNTU-CVE-2020-11111
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq. aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms...