CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information. | 9.1 |
Critical |
||
HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy | 6.5 |
Medium |
||
It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. | 7.5 |
High |