VYPR

Amq

by Red Hat

CVEs (6)

  • CVE-2015-5182HigSep 25, 2017
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.

  • CVE-2015-5184HigSep 25, 2017
    risk 0.49cvss 7.5epss 0.01

    Console: CORS headers set to allow all in Red Hat AMQ.

  • CVE-2015-5183HigSep 25, 2017
    risk 0.49cvss 7.5epss 0.02

    Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.

  • CVE-2016-8653MedAug 1, 2018
    risk 0.35cvss 5.3epss 0.02

    It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the credentials passed to it. An attacker could use this flaw to launch a denial of service attack.

  • CVE-2015-5181MedSep 25, 2017
    risk 0.35cvss 5.4epss 0.01

    The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript.

  • CVE-2020-14348Sep 16, 2020
    risk 0.00cvss epss 0.01

    It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online components do not operate properly, such as the failure of provisioning and the…