Hornetq

hornetq

Vendor: Redhat • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-51127 1Redhat 1Hornetq Nov 21, 2024 Nov 4, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.
CVE-2014-3599 1Redhat 1Hornetq Nov 21, 2024 Nov 12, 2019 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy
CVE-2017-12174 2Apache Redhat 3Activemq Artemis HornetqJboss Enterprise Application Platform Nov 21, 2024 Mar 7, 2018 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memor...Show more It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.Show less