Open shup88 opened 8 months ago
Hi @shup88,
I am building the latest version of Active MQ right now. I will let you know if it looks like we will be able to get an updated RPM out quickly to resolve the CVE.
Hi @markdirish. Any update on this?
Thank you!
Hi @markdirish. Any update on this?
Thank you!
CVE-2023-46604 lists a vulnerability with remote code execution for Active MQ.
The highest version available appears to be 5.15.12. This is an affected version. Is there any plan from IBM to remediate this and port a higher version without the RCE vulnerability?