Security
AMQP 0-x JMS (AMQP 0-8, 0-9, 0-9-1, 0-10)
| CVE-ID | Severity | Affected versions | Fixed versions | Summary |
|---|---|---|---|---|
| CVE-2016-4974 | Moderate | 6.0.3 and earlier | 6.0.4 and later | Deserialization of untrusted input while using JMS ObjectMessage |
See the Qpid JMS Security page for details of the AMQP 1.0 JMS client.
See the main Security page for general information and details for other components.
Apache Qpid, Messaging built on AMQP; Copyright © 2015 The Apache Software Foundation; Licensed under the Apache License, Version 2.0; Apache Qpid, Qpid, Qpid Proton, Proton, Apache, the Apache feather logo, and the Apache Qpid project logo are trademarks of The Apache Software Foundation; All other marks mentioned may be trademarks or registered trademarks of their respective owners