[jira] [Resolved] (AMQ-8984) Fix or challenge CVE-2015-3208 reported by ossindex.sonatype.org

Justin Bertram (Jira) Mon, 01 Aug 2022 10:13:07 -0700


     [ 
https://issues.apache.org/jira/browse/AMQ-8984?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Justin Bertram resolved AMQ-8984.
---------------------------------
    Resolution: Information Provided

> Fix or challenge CVE-2015-3208 reported by ossindex.sonatype.org
> ----------------------------------------------------------------
>
>                 Key: AMQ-8984
>                 URL: https://issues.apache.org/jira/browse/AMQ-8984
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 5.16.3, 5.16.4, 5.16.5
>            Reporter: Sven-Jørgen Karlsen
>            Assignee: Jean-Baptiste Onofré
>            Priority: Minor
>
> I get CVE-2015-3208 reported against activemq-broker 5.16.3-5 when running 
> maven-enforcer-plugin with the banVulnerable rule. The vulnerability can also 
> be seen on ossindex.org: 
> [https://ossindex.sonatype.org/vulnerability/CVE-2015-3208?component-type=maven&component-name=org.apache.activemq%2Factivemq-broker&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1]
>  
> It looks rather dated, is it some kind of fault in Sonatype's database? I 
> have seen several odd occurrences of old vulnerabilities in ossindex.org the 
> last month or so, after the "breaking changes" being working on in the OSS 
> Index data.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (AMQ-8984) Fix or challenge CVE-2015-3208 reported by ossindex.sonatype.org

Reply via email to