2 matches found
org.glassfish.mq:mq-client (>=6.4.0 <=6.8.0), org.glassfish.mq:mq-cluster (>=6.4.0 <=6.8.0) +13 more potentially affected by CVE-2026-24457 via org.glassfish.mq:mqbroker-comm (>=6.4.0 <=6.8.0)
org.glassfish.mq:mqbroker-comm MAVEN version =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.8.0 Source cves: CVE-2026-24457 Source advisory: SNYK:JAVA-ORGGLASSFISHMQ-15468292...
CVE-2026-24457
An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved...