Redhat Jboss_a-mq
7 CVEs affecting Redhat Jboss_a-mq. Latest disclosed: 2023-10-10. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-7501 | Critical | 9.8 | 2017-11-09 | Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x… |
CVE-2023-44487 | High | 7.5 | 2023-10-10 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the w… |
CVE-2021-4104 | High | 7.5 | 2021-12-14 | JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can pro… |
CVE-2015-5183 | High | 7.5 | 2017-09-25 | Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ. |
CVE-2015-5181 | Medium | 5.4 | 2017-09-25 | The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript. |
CVE-2014-0085 | | 2014-04-17 | JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local… | |
CVE-2013-4372 | | 2013-09-30 | Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 a… |