org.apache.activemq:apache-activemq@6.0.1 vulnerabilities
-
latest version
6.1.2
-
latest non vulnerable version
-
first published
17 years ago
-
latest version published
4 months ago
-
licenses detected
- [4.1.1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.activemq:apache-activemq package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.apache.activemq:apache-activemq is a Message Broker and Client implementations. Affected versions of this package are vulnerable to Improper Access Control due to the default configuration not securing the API web context, which includes both the Jolokia JMX REST API and the Message REST API. This oversight allows unauthorized access, enabling anyone to interact with the broker or manage messages and destinations without any form of authentication. How to fix Improper Access Control? Upgrade |
[6.0.0,6.1.2)
|