apache tomee 7.0.0 vulnerabilities and exploits

(subscribe to this query)

If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache T...

Apache Tomee Apache Tomee 7.0.0 Apache Tomee 8.0.0

If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addr...

Apache Tomee Apache Tomee 7.0.0 Apache Tomee 8.0.0

The EjbObjectInputStream class in Apache TomEE prior to 1.7.4 and 7.x prior to 7.0.0-M3 allows remote malicious users to execute arbitrary code via a crafted serialized object.

Apache Tomee Apache Tomee 7.0.0

The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomca...

Apache Tomcat Apache Tomee 7.0.7 Opensuse Leap 15.1 Netapp Data Availability Services -Netapp Oncommand System Manager Debian Debian Linux 9.0 Debian Debian Linux 10.0 Oracle Agile Engineering Data Management 6.2.1.0 Oracle Agile Plm 9.3.3 Oracle Agile Plm 9.3.5 Oracle Agile Plm 9.3.6 Oracle Communications Instant Messaging Server 10.0.1.4.0

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook