VYPR

Maven package

org.hornetq/hornetq-server

pkg:maven/org.hornetq/hornetq-server

Vulnerabilities (1)

  • CVE-2017-12174HigMar 7, 2018
    affected < 2.4.0.Finalfixed 2.4.0.Final

    It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.