Maven package
org.hornetq/hornetq-server
pkg:maven/org.hornetq/hornetq-server
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-12174 | Hig | 7.5 | < 2.4.0.Final | 2.4.0.Final | Mar 7, 2018 | It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. |
- affected < 2.4.0.Finalfixed 2.4.0.Final
It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.