Red Hat JBossEAP: Path Traversal (CVE-2024-51127)

Red Hat JBossEAP: Path Traversal (CVE-2024-51127)

Severity

9

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:N)

Published

11/04/2024

Created

12/24/2024

Added

12/20/2024

Modified

01/20/2025

Description

An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.. A flaw was found in the createTempFile method of hornetq. Affected version of hornetq allows attackers to arbitrarily overwrite files or access sensitive information.

Solution(s)

• red-hat-jboss-eap-upgrade-latest

References

• https://attackerkb.com/topics/cve-2024-51127
• CVE - 2024-51127
• https://access.redhat.com/security/cve/CVE-2024-51127
• https://bugzilla.redhat.com/show_bug.cgi?id=2323697
• http://hornetq.com
• https://github.com/JAckLosingHeart/CWE-378/blob/main/CVE-2024-51127.md
• https://access.redhat.com/errata/RHSA-2024:11529
• https://access.redhat.com/errata/RHSA-2024:11531
• https://access.redhat.com/errata/RHSA-2024:11559
• https://access.redhat.com/errata/RHSA-2024:11560
• https://access.redhat.com/errata/RHSA-2024:11570
• https://access.redhat.com/errata/RHSA-2025:0371
• https://access.redhat.com/errata/RHSA-2025:0372

View more