6.2.7
19 years ago
9 days ago
Known vulnerabilities in the org.apache.activemq:apache-activemq package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the rendering of the How to fix Cross-site Scripting (XSS)? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Improper Authorization due to improper access control in the How to fix Improper Authorization? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size via the How to fix Incorrect Calculation of Buffer Size? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to External Control of System or Configuration Setting in the How to fix External Control of System or Configuration Setting? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the How to fix Memory Allocation with Excessive Size Value? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the unmarshalling process of OpenWire message property maps without proper size validation. An attacker can exhaust system memory and cause a broker crash by sending a crafted message with a large encoded size value. How to fix Memory Allocation with Excessive Size Value? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Missing Authorization in the process that manages temporary destinations. An attacker can gain unauthorized access to consume messages from another user's temporary destination by establishing a separate connection and bypassing client-side isolation checks. How to fix Missing Authorization? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value.
via the How to fix Memory Allocation with Excessive Size Value? Upgrade | [,5.19.8)[6.0.0,6.2.7) |
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Incorrect Default Permissions due to the default authorization settings in How to fix Incorrect Default Permissions? Upgrade | [,5.19.7)[6.0.0,6.2.6) |