A-mq clients

This hub aggregates every CVE we track for A-mq clients, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting A-mq clients.

• CVE-2024-13009Eclipse Jetty GZIP buffer release7.2May 8, 2025
• CVE-2024-38809Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users ...5.3Sep 27, 2024
• CVE-2023-45648Apache Tomcat: Trailer header parsing too lenient5.3Oct 10, 2023
• CVE-2022-4245Codehaus-plexus: xml external entity (xxe) injection4.3Sep 25, 2023
• CVE-2023-40167Jetty accepts "+" prefixed value in Content-Length5.3Sep 15, 2023
• CVE-2023-34462netty-handler SniHandler 16MB allocation6.5Jun 22, 2023
• CVE-2023-26464Apache Log4j 1.x (EOL) allows DoS in Chainsaw and SocketAppender7.5Mar 10, 2023
• CVE-2022-41854Stack Overflow in Snakeyaml5.8Nov 11, 2022
• CVE-2022-38749DoS in SnakeYAML6.5Sep 5, 2022
• CVE-2022-25647Deserialization of Untrusted Data7.7May 1, 2022
• CVE-2022-23302Deserialization of untrusted data in JMSSink in Apache Log4j 1.x8.8Jan 18, 2022
• CVE-2021-44228Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpointsKEV10.0Dec 10, 2021
• CVE-2021-43797HTTP fails to validate against control chars in header names which may lead to HTTP request smuggling6.5Dec 9, 2021
• CVE-2021-37137The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was rece...7.5Oct 19, 2021
• CVE-2021-22918Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whet...5.3Jul 12, 2021