Uploaded image for project: 'Talend Unified Platform'
  1. Talend Unified Platform
  2. TUP-22585

[CVE:high] Backend : pkg:maven/org.apache.activemq:apache-activemq:5.9.0.redhat-611423 requires version upgrade

Apply templateInsert Lucidchart Diagram
    XMLWordPrintable

Details

    • Work Item
    • Status: Rejected
    • Critical
    • Resolution: Suggestion noted
    • None
    • 7.3.1
    • None
    • All
    • 7.3.1-Sprint_1 UP
    • GreenHopper Ranking:
      0|i1gqu3:
    • 9223372036854775807
    • Small

    Description

      What: this is security issue

      {{
      {
      "path": "Studio",
      "advisory": "CVE-2014-0003",
      "purl": "pkg:maven/org.apache.activemq:apache-activemq:5.9.0.redhat-611423",
      "severity": "high",
      "title": "The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.",
      "tool": "NVD",
      "jira": null,
      "audit": "2019-04-01",
      "context": {
      "findings": {
      "c5973f48-0896-4f80-ae69-c9baa47c0c6c": {
      "606cc6fd-7ef2-45f3-b11d-f5d92e72d0e9": [

      { "Path": "/META-INF/native/windows32/leveldbjni.dll", "Usage": "DYNAMICALLY_LINKED", "Adjusted": "false", "Origin id": "fdb00a9f-29a7-4233-b722-a65a7a10585c", "Match type": "Exact", "Version id": "606cc6fd-7ef2-45f3-b11d-f5d92e72d0e9", "Origin name": "maven", "Component id": "c5973f48-0896-4f80-ae69-c9baa47c0c6c", "Match content": "", "Overridden By": "", "Component name": "Apache ActiveMQ", "Origin name id": "org.apache.activemq:apache-activemq:5.9.0.redhat-611423", "Archive context": "/Talend-Studio-20181026_1147-V7.1.1/plugins/org.talend.designer.maven.tis_7.1.1.20181026_1147/resources/repository/maven_repository.zip!/repository/org/fusesource/leveldbjni/leveldbjni-all/1.8/leveldbjni-all-1.8.jar!/", "Component version name": "5.9.0", "Component policy status": "", "Component origin version name": "5.9.0.redhat-611423" }

      ,

      { "Path": "/META-INF/native/windows64/leveldbjni.dll", "Usage": "DYNAMICALLY_LINKED", "Adjusted": "false", "Origin id": "fdb00a9f-29a7-4233-b722-a65a7a10585c", "Match type": "Exact", "Version id": "606cc6fd-7ef2-45f3-b11d-f5d92e72d0e9", "Origin name": "maven", "Component id": "c5973f48-0896-4f80-ae69-c9baa47c0c6c", "Match content": "", "Overridden By": "", "Component name": "Apache ActiveMQ", "Origin name id": "org.apache.activemq:apache-activemq:5.9.0.redhat-611423", "Archive context": "/Talend-Studio-20181026_1147-V7.1.1/plugins/org.talend.designer.maven.tis_7.1.1.20181026_1147/resources/repository/maven_repository.zip!/repository/org/fusesource/leveldbjni/leveldbjni-all/1.8/leveldbjni-all-1.8.jar!/", "Component version name": "5.9.0", "Component policy status": "", "Component origin version name": "5.9.0.redhat-611423" }

      ]
      }
      }
      },
      "uuid": "e92899b4-d977-4c8c-b9d2-db08db529ecd",
      "version": "7.1",
      "jira_slug": "TUP",
      "jira_component": null
      }
      }}

      Attachments

        Issue Links

          is duplicated by

          Work Item - Work item for the scum process TUP-22565 [CVE:high] Backend : pkg:maven/org.apache.activemq:apache-activemq:5.9.0.redhat-611423 requires version upgrade

          • Critical - The customer's production system is in a critical error situation. Basic functions of the supported software are not usable. The consequences can have a serious impact on the customer's business. This is the highest error category for issues arising outside of production systems.
          • Rejected

          Work Item - Work item for the scum process TUP-22566 [CVE:high] Backend : pkg:maven/org.apache.activemq:apache-activemq:5.9.0.redhat-611423 requires version upgrade

          • Critical - The customer's production system is in a critical error situation. Basic functions of the supported software are not usable. The consequences can have a serious impact on the customer's business. This is the highest error category for issues arising outside of production systems.
          • Rejected

          Work Item - Work item for the scum process TUP-22567 [CVE:high] Backend : pkg:maven/org.apache.activemq:apache-activemq:5.9.0.redhat-611423 requires version upgrade

          • Critical - The customer's production system is in a critical error situation. Basic functions of the supported software are not usable. The consequences can have a serious impact on the customer's business. This is the highest error category for issues arising outside of production systems.
          • Rejected

          Work Item - Work item for the scum process TUP-22568 [CVE:high] Backend : pkg:maven/org.apache.activemq:apache-activemq:5.9.0.redhat-611423 requires version upgrade

          • Critical - The customer's production system is in a critical error situation. Basic functions of the supported software are not usable. The consequences can have a serious impact on the customer's business. This is the highest error category for issues arising outside of production systems.
          • Rejected

          Activity

            People

              nrousseau Nicolas Rousseau
              jmfrancois Jean-Michel Francois
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 1 day
                  1d
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 4 hours Time Not Required
                  4h