CVE-2021-20318

The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2010559 Issue Tracking Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3.9:general_availability:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4.0:general_availability:*:*:*:*:*:*

Information

Published : 2021-12-23 12:15

Updated : 2022-01-07 08:02


NVD link : CVE-2021-20318

Mitre link : CVE-2021-20318


JSON object : View

CWE
CWE-502

Deserialization of Untrusted Data

Advertisement

dedicated server usa

Products Affected

redhat

  • jboss_enterprise_application_platform