ActiveMQ Artemis supports the OpenWire protocol via dependencies from
ActiveMQ "Classic." Until ActiveMQ Artemis 2.31.1 those dependencies
contain the vulnerable code which means ActiveMQ Artemis ships the
vulnerable code. However, the only known exploit of this vulnerability
requires Spring depend
Hi,
Am Mittwoch, dem 01.11.2023 um 14:29 -0500 schrieb Justin Bertram:
> ActiveMQ Artemis 2.31.1 was released October 25 (i.e. right before
> the CVE
> was announced) and it contains libraries from ActiveMQ "Classic"
> 5.17.6
> which are not vulnerable to CVE-2023-46604.
Does this imply that Artem
