Re: Active MQ 5.17.0 and cve-2016-1000027

2023-08-01 Matt Pavlovich
Hi Marian- This appears to be a standard “if the server gets compromised, bad actors can do other bad things” security issue. Deserialization (in many programming languages) can always lead to security problems if a bad actor is able to compromise the system by deploying malicious code. Keep i

Active MQ 5.17.0 and cve-2016-1000027

2023-08-01 Marian Stanciu
Hi, We are using a Docker container of ActiveMQ 5.17.0 and our vulnerability scanner found the library spring-web-5.3.16.jar which is vulnerable to cve-2016-127. Can you confirm/infirm if ActiveMQ is affected / whether it uses a Spring remoting endpoint? More details about this vulnerabi