Vulnerabilities > Redhat > Jboss A MQ > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-10 CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. 7.5
2022-09-13 CVE-2022-1278 Insecure Default Initialization of Resource vulnerability in Redhat products
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
network
low complexity
redhat CWE-1188
7.5
2021-12-14 CVE-2021-4104 Deserialization of Untrusted Data vulnerability in multiple products
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration.
network
high complexity
apache fedoraproject redhat oracle CWE-502
7.5
2018-08-01 CVE-2016-8648 Unspecified vulnerability in Redhat Jboss A-Mq and Jboss Fuse
It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations.
network
low complexity
redhat
7.2
2017-09-25 CVE-2015-5183 Unspecified vulnerability in Redhat Amq, Jboss A-Mq and Jboss Enterprise web Server
Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
network
low complexity
redhat
7.5