Tomee@7.0.0 Security Vulnerabilities and Issues — Tomee@7.0.0 CVE List

Lucene search

ApacheTomee7.0.0

3 matches found

CVE•added 2020/12/18 12:15 a.m.•80 views

CVE-2020-13931

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creation ...

9.8CVSS9.3AI score0.01368EPSS

CVE•added 2020/06/15 8:15 p.m.•70 views

CVE-2020-11969

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 - 7.0...

9.8CVSS9.2AI score0.01111EPSS

CVE•added 2017/04/11 4:59 p.m.•45 views

CVE-2016-0779

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.

9.8CVSS9.6AI score0.09007EPSS