Vulnerabilities > Redhat > Jboss A MQ > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
2022-09-13 | CVE-2022-1278 | Insecure Default Initialization of Resource vulnerability in Redhat products A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain. | 7.5 |
2021-12-14 | CVE-2021-4104 | Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. | 7.5 |
2018-08-01 | CVE-2016-8648 | Unspecified vulnerability in Redhat Jboss A-Mq and Jboss Fuse It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. | 7.2 |
2017-09-25 | CVE-2015-5183 | Unspecified vulnerability in Redhat Amq, Jboss A-Mq and Jboss Enterprise web Server Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ. | 7.5 |