Uploaded image for project: 'ActiveMQ Classic'
  1. ActiveMQ Classic
  2. AMQ-9250

CVE-2023-20860 - Update spring framework to resolve security vulnerability

    XMLWordPrintableJSON

Details

    • Dependency upgrade
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 5.18.1
    • None
    • AMQP
    • None

    Description

      Vulnerability scans are reporting https://nvd.nist.gov/vuln/detail/CVE-2023-20860 exists in ActiveMQ 5.18.1.

      Please update this spring dependency to 5.3.26 (or later) to resolve this CVE.   

      Attachments

        Issue Links

          is duplicated by

          Dependency upgrade - Upgrading a dependency to a newer version AMQ-9245 Upgrade to Spring 5.3.27

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              jbonofre Jean-Baptiste Onofré
              benfransen Ben
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: