GHSA-r9vv-xj4w-g8m8

Source
https://github.com/advisories/GHSA-r9vv-xj4w-g8m8
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-r9vv-xj4w-g8m8/GHSA-r9vv-xj4w-g8m8.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-r9vv-xj4w-g8m8
Aliases
Published
2022-05-13T01:11:53Z
Modified
2024-03-13T05:31:35.292422Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Apache ActiveMQ Artemis RCE Via Deserialization Gadget Chain
Details

The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.
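The following is an added example for this advisory, not code from the advisory text or from the Artemis project. It shows the consumer-side pattern the description refers to (an unconditional ObjectMessage.getObject() call) beside two mitigations: the connection-factory class lists that Artemis 1.4.0, the fixed version listed below, introduced for ObjectMessage deserialization, and an allowlisting ObjectInputStream for payloads the application deserializes itself. The broker URL tcp://localhost:61616, the queue name "orders" and the class com.example.orders.Order are hypothetical; the setter names setDeserializationWhiteList / setDeserializationBlackList are those of the Artemis 1.x client API and should be checked against the deployed version (2.x renamed them to setDeserializationAllowList / setDeserializationDenyList).

```java
// Added example (not from the advisory or the Artemis project).
// Assumed names: broker tcp://localhost:61616, queue "orders",
// application class com.example.orders.Order.
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InvalidClassException;
import java.io.ObjectInputStream;
import java.io.ObjectStreamClass;
import java.io.Serializable;
import java.util.Set;

import javax.jms.BytesMessage;
import javax.jms.JMSException;
import javax.jms.Message;
import javax.jms.MessageConsumer;
import javax.jms.ObjectMessage;
import javax.jms.Session;

import org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory;

public class ObjectMessageHardening {

    // VULNERABLE (pre-1.4.0 behaviour, and still the default when no class
    // list is configured): getObject() runs an ObjectInputStream over whatever
    // bytes the sender placed in the message, so any principal holding send
    // permission on the queue chooses which classes on the consumer's
    // classpath get instantiated.
    static Serializable receiveUnfiltered(Session session) throws JMSException {
        MessageConsumer consumer = session.createConsumer(session.createQueue("orders"));
        Message m = consumer.receive(5000);
        return (m instanceof ObjectMessage) ? ((ObjectMessage) m).getObject() : null;
    }

    // MITIGATION 1 (Artemis 1.4.0+): restrict deserialization at the
    // connection factory so the client refuses to resolve classes outside the
    // trusted package. Setter name per the Artemis 1.x client API (assumption:
    // verify against the version you run; 2.x uses setDeserializationAllowList).
    static ActiveMQConnectionFactory filteredFactory() {
        ActiveMQConnectionFactory cf = new ActiveMQConnectionFactory("tcp://localhost:61616");
        cf.setDeserializationWhiteList("com.example.orders");
        return cf;
    }

    // MITIGATION 2: when the application deserializes a payload itself (here,
    // raw bytes carried in a BytesMessage), use an ObjectInputStream that
    // allowlists classes at resolution time. resolveClass() runs before any
    // instance of the class exists, so a gadget class that happens to be on
    // the classpath is never instantiated.
    static final class AllowlistObjectInputStream extends ObjectInputStream {
        // Every class that may legitimately appear in the stream, including the
        // JDK types the allowed application class itself serializes.
        private static final Set<String> ALLOWED = Set.of(
                "com.example.orders.Order",
                "java.lang.String", "java.lang.Integer", "java.lang.Number",
                "java.math.BigDecimal", "java.util.ArrayList");

        AllowlistObjectInputStream(InputStream in) throws IOException {
            super(in);
        }

        @Override
        protected Class<?> resolveClass(ObjectStreamClass desc)
                throws IOException, ClassNotFoundException {
            if (!ALLOWED.contains(desc.getName())) {
                throw new InvalidClassException(desc.getName(),
                        "class not on deserialization allowlist");
            }
            return super.resolveClass(desc);
        }
    }

    static Object receiveBytesFiltered(Session session)
            throws JMSException, IOException, ClassNotFoundException {
        MessageConsumer consumer = session.createConsumer(session.createQueue("orders"));
        Message m = consumer.receive(5000);
        if (!(m instanceof BytesMessage)) {
            return null;
        }
        BytesMessage bm = (BytesMessage) m;
        byte[] payload = new byte[(int) bm.getBodyLength()];
        bm.readBytes(payload);
        try (ObjectInputStream in = new AllowlistObjectInputStream(new ByteArrayInputStream(payload))) {
            return in.readObject(); // rejected classes fail here with InvalidClassException
        }
    }
}
```

The connection-factory list is the mitigation that matches the advisory's fixed version and covers getObject() calls you do not control (including ones inside the broker-side and REST code paths that use the same client classes); the ObjectInputStream subclass is the general form of the same idea for any code that deserializes message bytes directly. Neither replaces the stronger option of not using ObjectMessage at all and carrying a schema-validated text or binary encoding instead.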

Database specific
{
    "nvd_published_at": "2016-09-27T15:59:00Z",
    "cwe_ids": [
        "CWE-502"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-31T18:15:46Z"
}
References

Affected packages

Maven / org.apache.activemq:artemis-pom

Package

Name
org.apache.activemq:artemis-pom
Purl
pkg:maven/org.apache.activemq/artemis-pom

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
1.4.0

Affected versions

1.*

1.0.0
1.1.0
1.2.0
1.3.0