Eclipse Vert X Stomp
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Eclipse Vert X Stomp.
By the Year
In 2026 there have been 0 vulnerabilities in Eclipse Vert X Stomp. Vert X Stomp did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 6.50 |
It may take a day or so for new Vert X Stomp vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Eclipse Vert X Stomp Security Vulnerabilities
Vert.x STOMP Auth Bypass before 3.9.16/4.4.2 - CONNECT Frame not validated
CVE-2023-32081
6.5 - Medium
- May 12, 2023
Vert.x STOMP is a vert.x implementation of the STOMP specification that provides a STOMP server and client. From versions 3.1.0 until 3.9.16 and 4.0.0 until 4.4.2, a Vert.x STOMP server processes client STOMP frames without checking that the client send an initial CONNECT frame replied with a successful CONNECTED frame. The client can subscribe to a destination or publish message without prior authentication. Any Vert.x STOMP server configured with an authentication handler is impacted. The issue is patched in Vert.x 3.9.16 and 4.4.2. There are no trivial workarounds.
authentification
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Eclipse Vert X Stomp or by Eclipse? Click the Watch button to subscribe.
