Re: Artemis Activemq 2.28.0 and CVE-2022-45688

The code in console.war is not actually a direct part of the ActiveMQ Artemis code-base. It is coming from Hawtio [1], specifically from the hawtio-system [2] module. Looking through the code in the hawtio-system module I don't see any use of any method named toJSONObject (i.e. the method mentioned

Re: Artemis Activemq 2.28.0 and CVE-2022-45688

Hi, We are using Artemis Activemq 2.28.0 and our vulnerability scanner found the following vulnerable library: - json-20171018.jar (in the console.war). Vulnerable according to CVE-2022-45688 Could you please confirm/negate that Artemis Activemq 2.28.0 is NOT affected by this vulnerability

RE: FW: {EXTERNAL MAIL} WELCOME to users@activemq.apache.org

Hi. Thanks for your fast turn-around on issue 4409. [ARTEMIS-4409] Update examples to use management.xml - ASF JIRA (apache.org) I have 3 questions. Question 1 I see that in the updated documentation the Artemis broker is specified as