CVE-2020-36282

JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vulnerable to unsafe deserialization that can result in code execution via crafted StreamMessage data...

com.github.marcelop3251:queues-manager (=1.2.0), net.oneandone.ioc-unit:ioc-unit-jms-rabbitmq (>=2.0.28 <=2.0.40) potentially affected by CVE-2020-36282 via com.rabbitmq.jms:rabbitmq-jms (=1.14.0)

com.rabbitmq.jms:rabbitmq-jms MAVEN version =1.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on com.rabbitmq.jms:rabbitmq-jms and may be impacted: - com.github.marcelop3251:queues-manager =1.2.0 - net.oneandone.ioc-unit:ioc-unit-jms-rabbitmq =2.0.2...

CVE-2020-36282

JMS Client for RabbitMQ (1.x &lt;1.15.2 and 2.x