CVE-2020-36282

Published March 12th, 2021

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

1

PROJECT

Description

JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vulnerable to unsafe deserialization that can result in code execution via crafted StreamMessage data.

rabbitmq/rabbitmq-jms-client

RabbitMQ JMS client

GitHub

65