Maven package
org.apache.rocketmq/rocketmq-controller
pkg:maven/org.apache.rocketmq/rocketmq-controller
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-33246 | — | KEV | >= 5.0.0, < 5.1.1 | 5.1.1 | May 24, 2023 | For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this |
- affected >= 5.0.0, < 5.1.1fixed 5.1.1
For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution. Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this