Apache

Activemq Broker

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.4%
  • Veröffentlicht 30.06.2026 09:55:29
  • Zuletzt bearbeitet 02.07.2026 18:43:25

Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied tr...

  • EPSS 0.5%
  • Veröffentlicht 30.06.2026 09:51:57
  • Zuletzt bearbeitet 02.07.2026 18:42:47

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands ...

Medienbericht
  • EPSS 0.52%
  • Veröffentlicht 30.06.2026 09:49:17
  • Zuletzt bearbeitet 02.07.2026 18:41:55

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encode...

Medienbericht
  • EPSS 0.38%
  • Veröffentlicht 30.06.2026 09:48:28
  • Zuletzt bearbeitet 02.07.2026 18:41:49

Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this ...

  • EPSS 0.33%
  • Veröffentlicht 01.06.2026 09:16:20
  • Zuletzt bearbeitet 01.06.2026 17:09:45

Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Brokers that are configured with a network connector with syncDurableSubs set to true, are vulnerable to an unauthentic...

  • EPSS 0.55%
  • Veröffentlicht 01.06.2026 09:16:19
  • Zuletzt bearbeitet 01.06.2026 17:06:00

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the w...

  • EPSS 0.58%
  • Veröffentlicht 01.06.2026 09:16:19
  • Zuletzt bearbeitet 01.06.2026 17:09:40

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as `masterslave:vm://...,...` and `static:...

  • EPSS 0.34%
  • Veröffentlicht 01.06.2026 09:16:19
  • Zuletzt bearbeitet 01.06.2026 17:07:51

Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing destinations with proper permissions. This issue affects Apache ActiveMQ Broker: before 5.19.7, from 6.0.0 befo...

Medienbericht
  • EPSS 0.98%
  • Veröffentlicht 24.04.2026 10:16:53
  • Zuletzt bearbeitet 30.06.2026 03:19:23

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ, Apache ActiveMQ Broker, Apache ActiveMQ All. An authenticated attacker can use the admin web console page to construct a malicious...

  • EPSS 4.78%
  • Veröffentlicht 24.04.2026 10:15:44
  • Zuletzt bearbeitet 30.06.2026 03:19:18

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may bypass the fix in CVE-2026-34197 by adding a connecto...