Jump To Close

Expand all Collapse all

Settings Close

• Language: 日本語 简体中文 English
• Format: Multi-page Single-page PDF

Language and Page Formatting Options

• Language: 日本語 简体中文 English
• Format: Multi-page Single-page PDF

Chapter 6. Fixed Common Vulnerabilities and Exposures

This section details Common Vulnerabilities and Exposures (CVEs) fixed in the AMQ Broker 7.8 release.

• ENTMQBR-3755 - CVE-2020-13932 - mqtt-client: activemq: remote XSS in web console diagram plugin [amq-7]
• ENTMQBR-3382 - CVE-2015-5183 Hawtio: HTTPOnly and Secure attributes not set on cookies [amq-7]
• ENTMQBR-4037 - CVE-2019-12749 - DBusServer DBUS_COOKIE_SHA1 authentication bypass
• ENTMQBR-4068 - CVE-2019-9827 - hawtio: server side request forgery via initial /proxy/ substring of a URI [amq-7.7.0]
• ENTMQBR-4158 - CVE-2020-27216 - jetty: local temporary directory hijacking vulnerability [amq-7]