[jira] [Commented] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899

ASF subversion and git services (Jira) Wed, 22 Jan 2020 04:46:54 -0800


    [ 
https://issues.apache.org/jira/browse/AMQ-7373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17021014#comment-17021014
 ]


ASF subversion and git services commented on AMQ-7373:
------------------------------------------------------

Commit 08267c4f67426509eacb91993849c0eca07d962c in activemq's branch 
refs/heads/master from Colm O hEigeartaigh
[ https://gitbox.apache.org/repos/asf?p=activemq.git;h=08267c4 ]

AMQ-7373 - Updating Jolokia


> jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899
> ------------------------------------------------------
>
>                 Key: AMQ-7373
>                 URL: https://issues.apache.org/jira/browse/AMQ-7373
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Web Console
>    Affects Versions: 5.15.8, 5.15.9, 5.15.10, 5.15.11
>            Reporter: Harish Kumar
>            Assignee: Jean-Baptiste Onofré
>            Priority: Critical
>             Fix For: 5.16.0, 5.15.12
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899
> *PATH:*apache-activemq-5.15.11/lib/web/jolokia-core-1.6.0.jar
>  
> *CVE-2018-10899*
> CVSSv3 Score: 8.8
> [https://nvd.nist.gov/vuln/detail/CVE-2018-10899] 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (AMQ-7373) jolokia-core-1.6.0.jar is vulnerable to CVE-2018-10899

Reply via email to