Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Duplicate
-
5.15.8
-
None
-
None
-
None
Description
spring-expression-4.3.11.RELEASE.jar : ActiveMQ is having depedency with Spring Expression 4.3.11 this has security vulnerabilities
:https://nvd.nist.gov/vuln/detail/CVE-2018-1270
Recommended Version: 4.3.24 or 5.1.8 or latest available
tomcat-websocket-api-8.0.53.jar: ActiveMQ is having dependency with tomcat-websocket-api-8.0.53.jar which is having Security Vulnerabilities:
https://nvd.nist.gov/vuln/detail/CVE-2016-5388
Recommended Version: 8.5.42 or 9.0.21 or latest available
xstream-1.4.10.jar: ActiveMQ is having dependency with xstream-1.4.10.jar which is having security vulnerabilities.
https://nvd.nist.gov/vuln/detail/CVE-2013-7285
Recommended Version: 1.4.11.1 or latest available
Attachments
Issue Links
- duplicates
-
-
- Resolved
-