Vulnerability

CVE-2019-0222

 Report advisory or correction

CVSS Score 7.5 high

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-noinfo

References

http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0222

[CVE-2019-0222] CWE-noinfo

Description

In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.

See org.fusesource.mqtt-client/mqtt-client package information