Apache

Artemis

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.37%
  • Veröffentlicht 28.05.2026 12:28:25
  • Zuletzt bearbeitet 15.06.2026 13:03:40

A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with security credentials that grant either the consume or send permission on an address can augment the routing-type supported by that address even if said user...

  • EPSS 0.47%
  • Veröffentlicht 24.03.2026 08:16:01
  • Zuletzt bearbeitet 15.06.2026 13:03:40

Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authent...

  • EPSS 0.33%
  • Veröffentlicht 24.03.2026 08:15:16
  • Zuletzt bearbeitet 24.03.2026 15:53:48

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message ( CVE-2026-27446 https://www.cve.org/CVERecord ). Since KNIME Business Hub uses ...

  • EPSS 10.63%
  • Veröffentlicht 04.03.2026 08:48:48
  • Zuletzt bearbeitet 30.06.2026 03:17:55

Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection...

  • EPSS 0.36%
  • Veröffentlicht 09.04.2025 15:16:02
  • Zuletzt bearbeitet 15.06.2026 13:03:40

Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are logged when the org.apache.activemq.artemis.core.config.impl.ConfigurationImpl logger has the debug level enabled. ...

  • EPSS 0.58%
  • Veröffentlicht 01.04.2025 08:15:13
  • Zuletzt bearbeitet 15.06.2026 13:03:40

A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress per...

  • EPSS 16.54%
  • Veröffentlicht 14.10.2024 16:15:03
  • Zuletzt bearbeitet 15.06.2026 13:03:40

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for ex...

  • EPSS 2.5%
  • Veröffentlicht 24.08.2022 16:15:09
  • Zuletzt bearbeitet 15.06.2026 13:03:40

A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory (OOM) condition. This flaw allows an attacker to partially disrupt availability to the broker through a sustained attac...

  • EPSS 1.41%
  • Veröffentlicht 23.08.2022 15:15:11
  • Zuletzt bearbeitet 15.06.2026 13:03:40

In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.

Exploit
  • EPSS 2.72%
  • Veröffentlicht 04.02.2022 23:15:15
  • Zuletzt bearbeitet 15.06.2026 13:03:40

In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.