CVE-2021-4040
N/A
N/A
Summary
A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory (OOM) condition. This flaw allows an attacker to partially disrupt availability to the broker through a sustained attack of maliciously crafted messages. The highest threat from this vulnerability is system availability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | AMQ Broker | Fixed in v2.19.1, v2.20.0 | affected |
Weaknesses
- CWE-400: CWE-400 - Uncontrolled Resource Consumption
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=2028254
- https://access.redhat.com/security/cve/CVE-2021-4040
- https://issues.apache.org/jira/browse/ARTEMIS-3593
- https://github.com/apache/activemq-artemis/pull/3871/commits
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2028254
- https://access.redhat.com/security/cve/CVE-2021-4040
- https://issues.apache.org/jira/browse/ARTEMIS-3593
- https://github.com/apache/activemq-artemis/pull/3871/commits
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.