Red hat amq streams
This hub aggregates every CVE we track for Red hat amq streams, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
Operating Systemson-prem
16
CVEs tracked
3
Critical
8
High
0
In CISA KEV
Severity distribution
HIGH8MEDIUM5CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Red hat amq streams.
- CVE-2023-31582jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less.7.5
- CVE-2023-40167Jetty accepts "+" prefixed value in Content-Length5.3
- CVE-2022-46751Apache Ivy: XML External Entity vulnerability in Apache Ivy8.2
- CVE-2021-46877jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving Jso...7.5
- CVE-2022-24823Local Information Disclosure Vulnerability in io.netty:netty-codec-http5.5
- CVE-2022-25647Deserialization of Untrusted Data7.7
- CVE-2020-36518jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.7.5
- CVE-2021-43797HTTP fails to validate against control chars in header names which may lead to HTTP request smuggling6.5
- CVE-2021-37137The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was rece...7.5
- CVE-2021-38153Timing Attack Vulnerability for Apache Kafka Connect and Clients5.9
- CVE-2019-12399When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster ...7.5
- CVE-2019-17267A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.9.8
- CVE-2019-16335A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.9.8
- CVE-2019-14439A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally...7.5
- CVE-2019-14379SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), le...9.8
Product normalization is registry-driven with AI assist and human review. How it works