Red Hat Amq

Recent Red Hat Amq Security Advisories

| Advisory | Title | Published |
|---|---|---|
| RHSA-2024:0903 | Moderate: Red Hat AMQ Broker 7.10.6 release and security update | February 20, 2024 |
| RHSA-2024:0705 | Moderate: Red Hat AMQ Broker 7.11.6 release and security update | February 6, 2024 |
| RHSA-2024:0278 | Moderate: Red Hat AMQ Broker 7.11.5 release and security update | January 17, 2024 |
| RHSA-2023:7697 | Moderate: AMQ Clients 2023.Q4 | December 7, 2023 |
| RHSA-2023:7678 | Important: Red Hat AMQ Streams 2.6.0 release and security update | December 6, 2023 |
| RHSA-2023:6879 | Critical: Red Hat AMQ Broker 7.11.4 release and security update | November 9, 2023 |
| RHSA-2023:6878 | Critical: Red Hat AMQ Broker 7.10.5 release and security update | November 9, 2023 |
| RHSA-2023:6877 | Critical: security update jboss-amq-6/amq63-openshift container image | November 9, 2023 |
| RHSA-2023:6866 | Critical: jboss-amq-6-amq63-openshift-container security update | November 9, 2023 |
| RHSA-2023:6030 | Important: Red Hat AMQ Streams 2.2.2 release and security update | October 23, 2023 |

By the Year

In 2024 there have been 0 vulnerabilities in Red Hat Amq. Amq did not have any published security vulnerabilities last year.

| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.50 |
| 2021 | 0 | 0.00 |
| 2020 | 2 | 6.50 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |

It may take a day or so for new Amq vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Amq Security Vulnerabilities

CVE-2022-1278 7.5 - High - September 13, 2022

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.

Insecure Default Initialization of Resource

CVE-2020-14307 6.5 - Medium - July 24, 2020

A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.

Improper Resource Shutdown or Release

CVE-2020-14297 6.5 - Medium - July 24, 2020

A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may accumulate over time and can cause services to slow down and eventually become unavailable. An attacker can take advantage of this to cause a denial of service and make services unavailable.

Resource Exhaustion

CVE-2015-5183 7.5 - High - September 25, 2017

Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.

CVE-2015-5184 7.5 - High - September 25, 2017

Console: CORS headers set to allow all in Red Hat AMQ.

CVE-2015-5182 8.8 - High - September 25, 2017

Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.

Session Riding
