CVE-2024-51127

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions: hornetq version 2.4.9

Description: An issue in the createTempFile method allows attackers to arbitrarily overwrite files or access sensitive information.

Recommendations: For hornetq version 2.4.9, consider disabling the createTempFile method until a patch is available to prevent arbitrary file overwrites and sensitive information access.

Exploit

Fix

Path traversal

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22CWE-200

Related Identifiers

CVE-2024-51127

GHSA-R7MV-MV7M-PJW3

RHSA-2024:11529

RHSA-2024:11559

RHSA-2024:11560

RHSA-2025:0371

RHSA-2025:1636

RHSA-2025:1637

RHSA-2025:1638

RHSA-2025:16667

RHSA-2025:16668

Affected Products

Hornetq

CVE-2024-51127

Weakness Enumeration

Related Identifiers

Affected Products

References · 10