VYPR

Maven package

org.apache.qpid/qpid-jms-client

pkg:maven/org.apache.qpid/qpid-jms-client

Vulnerabilities (1)

  • CVE-2016-4974HigJul 13, 2016
    affected < 0.10.0fixed 0.10.0

    Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the use of classes available on the classpath, which might allow remote authenticated users with permission to send messages to deserialize arbitrary objects and execute arbitrary code