CVE-2021-20318

CVE-2021-20318

Vendor N/A
Product Artemis in EAP 7
Weakness CWE-502 · Unsafe deserialization
Published December 23, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.

Key dates

02Disclosure timeline

December 23, 2021 CVE published
August 3, 2024 Record updated