
CVE-2014-3599
https://notcve.org/view.php?id=CVE-2014-3599
12 Nov 2019 — HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy HornetQ REST es vulnerable a un problema de tipo XML External Entity, debido a una configuración no segura de RestEasy. • https://access.redhat.com/security/cve/cve-2014-3599 • CWE-611: Improper Restriction of XML External Entity Reference •

CVE-2017-12174 – artemis/hornetq: memory exhaustion via UDP and JGroups discovery
https://notcve.org/view.php?id=CVE-2017-12174
05 Feb 2018 — It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError. Se ha descubierto que cuando Artemis y HornetQ, en versiones anteriores a la 2.4.0, se configuran con detección UDP y detección JGroups, se crea un array con muchos bytes al recibir un mensaje multicast inesperado. Esto podría resultar en un agotam... • https://access.redhat.com/errata/RHSA-2018:0268 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •