/
CVE-2023-39410

CVE-2023-39410

Owned by Sheetal Shet, created
Apr 05, 2024
1 min read

Description

We've identified a vulnerability impacting Java applications utilizing the Apache Avro Java SDK. Following thorough investigations, HiveMQ has determined that version 4.23 is affected due to its utilization of an Apache Avro version prior to 1.13.

Severity

LOW

Affected Version

HiveMQ 4.23, 4.24.0, 4.24.1

In case you are running one of these HiveMQ versions in production we strongly recommend upgrading to one of our latest HiveMQ version.

Fix Version

HiveMQ 4.25 and onwards

 

Related content

Apache common text CVE-2022-42889 vulnerability
Apache common text CVE-2022-42889 vulnerability
HiveMQ Knowledge Base - Self Managed Offering
More like this
Log4Shell vulnerability
Log4Shell vulnerability
HiveMQ Knowledge Base - Self Managed Offering
More like this
HiveMQ does not start with OpenJDK 11.0.10+9
HiveMQ does not start with OpenJDK 11.0.10+9
HiveMQ Knowledge Base - Self Managed Offering
More like this
ERROR  - An error occurred while returning credits for client and NPE
ERROR  - An error occurred while returning credits for client and NPE
HiveMQ Knowledge Base - Self Managed Offering
More like this
WARN - HiveMQ Distribution didn’t contain a build date, please contact support@hivemq.com
WARN - HiveMQ Distribution didn’t contain a build date, please contact support@hivemq.com
HiveMQ Knowledge Base - Self Managed Offering
More like this
Recommendations: Heap and memory allocation for the HiveMQ process
Recommendations: Heap and memory allocation for the HiveMQ process
HiveMQ Knowledge Base - Self Managed Offering
More like this