Cschneider4711

#17881 of 53,633
15 Total CVSS
Vulnerabilities · 2
Medium: 1
Critical: 1

PT-2016-3677
10
2015-10-16
Apache · Apache Activemq · CVE-2015-5254
**Name of the Vulnerable Software and Affected Versions**

Apache ActiveMQ versions prior to 5.13.0

**Description**

The Java Message Service (JMS) in the broker fails to restrict the classes that can be serialized, leading to unsafe deserialization. This lack of input validation allows a remote attacker to execute arbitrary code by sending a specially crafted serialized `ObjectMessage` object.

**Recommendations**

Update to version 5.13.0 or later.

PT-2014-4570
5.0
2014-12-01
Infoware · Mapsuite · CVE-2014-2232
**Name of the Vulnerable Software and Affected Versions**

Infoware MapSuite versions prior to 1.0.36

Infoware MapSuite versions 1.1.x prior to 1.1.49

**Description**

The issue is related to an absolute path traversal vulnerability in the MapAPI. This allows remote attackers to read arbitrary files.

**Recommendations**

For versions prior to 1.0.36, update to version 1.0.36 or later.

For versions 1.1.x prior to 1.1.49, update to version 1.1.49 or later.