CVE-2018-11775: Improper Certificate Validation
(updated )
TLS hostname verification when using the Apache ActiveMQ Client is missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server.
References
Detect and mitigate CVE-2018-11775 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →