3 matches found
org.apache.activemq:activemq-osgi (>=6.0.0 <=6.2.1), org.apache.activemq:activemq-unit-tests (>=6.0.0 <=6.2.1) +4 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-stomp (>=6.0.0 <=6.2.1)
org.apache.activemq:activemq-stomp MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.1 - org.fcrepo:fcrepo-jms =7.0.0-RC1 - org.fcrepo:fcrepo-webapp =7.0.0-RC1 Source cves: CVE-2026-33227 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15930951...
CVE-2025-41254 Spring Framework STOMP CSRF Vulnerability
STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Products and VersionsSpring Framework: 6.2.0 - 6.2.11 6.1.0 - 6.1.23 6.0.x - 6.0.29 5.3.0 - 5.3.45 Older, unsupported versions are also affected...
cn.vertxup:zero-ifx-stomp (=0.9.0), cn.vertxup:zero-vie (=0.9.0) +3 more potentially affected by CVE-2023-32081 via io.vertx:vertx-stomp (>=4.0.0 <=4.4.1)
io.vertx:vertx-stomp MAVEN version =4.0.0, =2.0.0, =4.0.0, =4.0.0, =4.4.1 Source cves: CVE-2023-32081 Source advisory: OSV:GHSA-GVRQ-CG5R-7CHP...