VYPR

Maven package

org.apache.rocketmq/rocketmq-controller

pkg:maven/org.apache.rocketmq/rocketmq-controller

Vulnerabilities (1)

  • CVE-2023-33246KEVMay 24, 2023
    affected >= 5.0.0, < 5.1.1fixed 5.1.1

    For RocketMQ versions 5.1.0 and below, under certain conditions, there is a risk of remote command execution.  Several components of RocketMQ, including NameServer, Broker, and Controller, are leaked on the extranet and lack permission verification, an attacker can exploit this