CVE-2018-1310: Deserialization of Untrusted Data

May 23, 2018 (updated June 26, 2018)

Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service.

References

nifi.apache.org/security.html
nvd.nist.gov/vuln/detail/CVE-2018-1310

Code Behaviors & Features

Detect and mitigate CVE-2018-1310 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →