[ https://issues.apache.org/jira/browse/AMQ-7252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jean-Baptiste Onofré resolved AMQ-7252.
---------------------------------------
    Resolution: Fixed

> SEV2 Vulnerabilities: Apache ActiveMQ Server libraries: commons-net-3.6.jar 
> and velocity-1.7.jar
> ------------------------------------------------------------------------------------------------
>
>                 Key: AMQ-7252
>                 URL: https://issues.apache.org/jira/browse/AMQ-7252
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.15.9
>            Reporter: Vipin
>            Assignee: Jean-Baptiste Onofré
>            Priority: Major
>              Labels: security-issue, vulnerabilities
>             Fix For: 5.16.0, 5.15.11
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> SEV2 Vulnerabilities: Apache ActiveMQ Server libraries: commons-net-3.6.jar 
> and velocity-1.7.jar
>  
> commons-net-3.6.jar
>  * Apache Commons Net contains a flaw in the changeWorkingDirectory() 
> function in ftpClient.java that is triggered as user-supplied input is not 
> properly sanitized. This may allow a remote attacker to use a newline 
> character in a specially crafted string to execute arbitrary commands.
>  
> velocity-1.7.jar
>  * Apache Commons FileUpload contains a flaw that is due to 
> ParametersInterceptor allowing access to the 'class' parameter. This may 
> allow a remote attacker to manipulate the ClassLoader and execute arbitrary 
> Java code.
>  
>  * Apache Commons Collections contains a flaw in the InvokerTransformer 
> class. This issue is triggered when handling Java code, which may invoke 
> unsafe deserialize calls. This may allow a remote attacker to execute 
> arbitrary code.
>  
>  * Apache Velocity contains a flaw that allows traversing outside of a 
> restricted path. The issue is due to VelocityLayoutServlet not properly 
> sanitizing user input, specifically path traversal style attacks (e.g. '../') 
> supplied via the 'layout' parameter. With a specially crafted request, a 
> remote attacker can gain access to potentially sensitive information.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)