Chapter 7. Fixed Common Vulnerabilities and Exposures

This section details Common Vulnerabilities and Exposures (CVEs) fixed in the AMQ Broker 7.11 release.

  • ENTMQBR-6630 - CVE-2022-1278 WildFly: possible information disclosure
  • ENTMQBR-7397 - CVE-2022-22970 springframework: DoS via data binding to multipartFile or servlet part
  • ENTMQBR-7398 - CVE-2022-22971 springframework: DoS with STOMP over WebSocket
  • ENTMQBR-7005 - CVE-2022-2047 jetty-http: improver hostname input handling
  • ENTMQBR-7640 - CVE-2022-3782 keycloak: path traversal via double URL encoding