CVE-2022-23913 – org.apache.activemq:artemis-core-client

Package

Manager: maven
Name: org.apache.activemq:artemis-core-client
Vulnerable Version: >=0 <2.19.1

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00213 pctl0.43853

Details

Apache ActiveMQ Artemis Uncontrolled Resource Consumption (DoS) In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.

Metadata

Created: 2022-02-06T00:00:55Z
Modified: 2023-09-25T10:37:03Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-pr38-qpxm-g88x/GHSA-pr38-qpxm-g88x.json
CWE IDs: ["CWE-400", "CWE-770"]
Alternative ID: GHSA-pr38-qpxm-g88x
Finding: F067
Auto approve: 1