Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.apache.activemq/activemq-all@5.14.1

Type maven

Namespace org.apache.activemq

Name activemq-all

Version 5.14.1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 5.16.7

Latest_non_vulnerable_version 6.2.4

Affected_by_vulnerabilities

url VCID-37ws-cqf7-4udm

vulnerability_id VCID-37ws-cqf7-4udm

summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13947

reference_id

reference_type

scores

value	0.04029
scoring_system	epss
scoring_elements	0.88498
published_at	2026-04-21T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88504
published_at	2026-04-16T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88435
published_at	2026-04-01T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.885
published_at	2026-04-18T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88489
published_at	2026-04-13T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.8849
published_at	2026-04-12T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88497
published_at	2026-04-11T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88487
published_at	2026-04-09T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88481
published_at	2026-04-08T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88462
published_at	2026-04-07T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88459
published_at	2026-04-04T12:55:00Z

value	0.04029
scoring_system	epss
scoring_elements	0.88443
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13947

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://github.com/apache/activemq/commit/177eb71c52069712bcc9fe14c70e079cc2671a80

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/177eb71c52069712bcc9fe14c70e079cc2671a80

reference_url

https://github.com/apache/activemq/compare/activemq-5.16.0...activemq-5.16.1

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/compare/activemq-5.16.0...activemq-5.16.1

reference_url

https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-13947

reference_id

CVE-2020-13947

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-13947

reference_url

http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt

reference_id

CVE-2020-13947-ANNOUNCEMENT.TXT

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt

reference_url

https://github.com/advisories/GHSA-66gw-ch5v-74v8

reference_id

GHSA-66gw-ch5v-74v8

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-66gw-ch5v-74v8

fixed_packages

url pkg:maven/org.apache.activemq/activemq-all@5.15.14

purl pkg:maven/org.apache.activemq/activemq-all@5.15.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f5x2-zvxa-yba5

vulnerability	VCID-k4jb-36cp-1fc4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.15.14

url pkg:maven/org.apache.activemq/activemq-all@5.16.1

purl pkg:maven/org.apache.activemq/activemq-all@5.16.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f5x2-zvxa-yba5

vulnerability	VCID-k4jb-36cp-1fc4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.16.1

aliases CVE-2020-13947, GHSA-66gw-ch5v-74v8

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-37ws-cqf7-4udm

url VCID-5kmj-whmc-4bfa

vulnerability_id VCID-5kmj-whmc-4bfa

summary When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15709.json

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15709.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15709

reference_id

reference_type

scores

value	0.65728
scoring_system	epss
scoring_elements	0.98511
published_at	2026-04-21T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.9851
published_at	2026-04-18T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.98509
published_at	2026-04-16T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.98503
published_at	2026-04-12T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.98504
published_at	2026-04-13T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.98501
published_at	2026-04-09T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.985
published_at	2026-04-08T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.98496
published_at	2026-04-07T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.98495
published_at	2026-04-04T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.98491
published_at	2026-04-01T12:55:00Z

value	0.65728
scoring_system	epss
scoring_elements	0.98493
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15709

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15709
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15709

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url	https://github.com/apache/activemq/commit/5fa0bbd5156f29d97dcf48fd9fdb6a0488a8df1a
reference_id
reference_type
scores
url	https://github.com/apache/activemq/commit/5fa0bbd5156f29d97dcf48fd9fdb6a0488a8df1a

reference_url

https://github.com/apache/activemq/commit/8ff18c5e254bf43395f2e0d7e3a1092b33ec646

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/8ff18c5e254bf43395f2e0d7e3a1092b33ec646

reference_url

https://github.com/apache/activemq/commit/d2e49be3a8f21d862726c1f6bc9e1caa6ee8b58

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/d2e49be3a8f21d862726c1f6bc9e1caa6ee8b58

reference_url

https://issues.apache.org/jira/browse/AMQ-6871

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/AMQ-6871

reference_url

https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/2b6f04a552c6ec2de6563c2df3bba813f0fe9c7e22cce27b7829db89@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/2b6f04a552c6ec2de6563c2df3bba813f0fe9c7e22cce27b7829db89@%3Cdev.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3f1e41bc9153936e065ca3094bd89ff8167ad2d39ac0b410f24382d2@%3Cgitbox.activemq.apache.org%3E

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3f1e41bc9153936e065ca3094bd89ff8167ad2d39ac0b410f24382d2@%3Cgitbox.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c0ec53b72b3240b187afb1cf67e4309a9e5f607282010aa196734814@%3Cgitbox.activemq.apache.org%3E

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/c0ec53b72b3240b187afb1cf67e4309a9e5f607282010aa196734814@%3Cgitbox.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1548057
reference_id	1548057
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1548057

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890352
reference_id	890352
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890352

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15709

reference_id

CVE-2017-15709

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15709

reference_url

https://github.com/advisories/GHSA-7qm4-p377-fr2r

reference_id

GHSA-7qm4-p377-fr2r

reference_type

scores

value	LOW
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-7qm4-p377-fr2r

fixed_packages

url pkg:maven/org.apache.activemq/activemq-all@5.15.3

purl pkg:maven/org.apache.activemq/activemq-all@5.15.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-37ws-cqf7-4udm

vulnerability	VCID-6fqa-fzda-x3ej

vulnerability	VCID-9z4y-wq57-vyaf

vulnerability	VCID-f5x2-zvxa-yba5

vulnerability	VCID-fb7w-5fvt-zqe3

vulnerability	VCID-k4jb-36cp-1fc4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.15.3

aliases CVE-2017-15709, GHSA-7qm4-p377-fr2r

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5kmj-whmc-4bfa

url VCID-9z4y-wq57-vyaf

vulnerability_id VCID-9z4y-wq57-vyaf

summary

Code Injection
In Apache ActiveMQ, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.

references

reference_url

http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0222.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0222.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-0222

reference_id

reference_type

scores

value	0.10284
scoring_system	epss
scoring_elements	0.93183
published_at	2026-04-16T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93166
published_at	2026-04-13T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93165
published_at	2026-04-12T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93137
published_at	2026-04-01T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93196
published_at	2026-04-21T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93187
published_at	2026-04-18T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93168
published_at	2026-04-11T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93162
published_at	2026-04-09T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93158
published_at	2026-04-08T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93149
published_at	2026-04-07T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93151
published_at	2026-04-04T12:55:00Z

value	0.10284
scoring_system	epss
scoring_elements	0.93147
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-0222

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0222
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0222

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://github.com/apache/activemq/commit/98b9f2e

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/98b9f2e

reference_url

https://github.com/apache/activemq/commit/f78c0962ffb46fae3397eed6b7ec1e6e15045031

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/f78c0962ffb46fae3397eed6b7ec1e6e15045031

reference_url

https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1%40%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1%40%3Cdev.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc%40%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485@%3Cdev.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485%40%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485%40%3Cdev.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488@%3Cusers.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488@%3Cusers.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488%40%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488%40%3Cusers.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa@%3Ccommits.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa%40%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b%40%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b%40%3Cdev.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7%40%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d%40%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a%40%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/03/msg00004.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/03/msg00004.html

reference_url

https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html

reference_url

https://security.netapp.com/advisory/ntap-20190502-0006

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190502-0006

reference_url	https://security.netapp.com/advisory/ntap-20190502-0006/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190502-0006/

reference_url

https://web.archive.org/web/20190404065432/http://www.securityfocus.com/bid/107622

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20190404065432/http://www.securityfocus.com/bid/107622

reference_url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujul2020.html

reference_url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

reference_url

http://www.openwall.com/lists/oss-security/2019/03/27/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/03/27/2

reference_url	http://www.securityfocus.com/bid/107622
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107622

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1696012
reference_id	1696012
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1696012

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925964
reference_id	925964
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925964

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988109
reference_id	988109
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::
reference_id	cpe:2.3:a:apache:activemq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services:-:::::::*
reference_id	cpe:2.3:a:netapp:e-series_santricity_web_services:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:::::::*
reference_id	cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:::::::*
reference_id	cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:::::::*
reference_id	cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:::::::*
reference_id	cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics::::::::
reference_id	cpe:2.3:a:oracle:goldengate_stream_analytics::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:identity_manager_connector:9.0:::::::*
reference_id	cpe:2.3:a:oracle:identity_manager_connector:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:identity_manager_connector:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-0222

reference_id

CVE-2019-0222

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-0222

reference_url

https://github.com/advisories/GHSA-jpv3-g4cc-6vfx

reference_id

GHSA-jpv3-g4cc-6vfx

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jpv3-g4cc-6vfx

reference_url	https://access.redhat.com/errata/RHSA-2020:0922
reference_id	RHSA-2020:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:0922

reference_url	https://access.redhat.com/errata/RHSA-2020:1445
reference_id	RHSA-2020:1445
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1445

reference_url	https://usn.ubuntu.com/6685-1/
reference_id	USN-6685-1
reference_type
scores
url	https://usn.ubuntu.com/6685-1/

fixed_packages

url pkg:maven/org.apache.activemq/activemq-all@5.15.9

purl pkg:maven/org.apache.activemq/activemq-all@5.15.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-37ws-cqf7-4udm

vulnerability	VCID-6fqa-fzda-x3ej

vulnerability	VCID-f5x2-zvxa-yba5

vulnerability	VCID-k4jb-36cp-1fc4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.15.9

aliases CVE-2019-0222, GHSA-jpv3-g4cc-6vfx

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9z4y-wq57-vyaf

url VCID-f5x2-zvxa-yba5

vulnerability_id VCID-f5x2-zvxa-yba5

summary

False positive
This advisory has been marked as a false positive.

references

reference_url

http://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46604.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46604.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-46604

reference_id

reference_type

scores

value	0.94436
scoring_system	epss
scoring_elements	0.99987
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-46604

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46604
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46604

reference_url

http://seclists.org/fulldisclosure/2024/Apr/18

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/

url

http://seclists.org/fulldisclosure/2024/Apr/18

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc

reference_url

https://github.com/apache/activemq/commit/80089f9f476afab7d976f5fc37c5ab4aa0c2139d

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/80089f9f476afab7d976f5fc37c5ab4aa0c2139d

reference_url

https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f

reference_url

https://github.com/apache/activemq/commit/9905e2a5bf9862a049f94ce0a2465b0c7ad52436

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/9905e2a5bf9862a049f94ce0a2465b0c7ad52436

reference_url

https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0

reference_url

https://github.com/apache/activemq/pull/1098

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/pull/1098

reference_url

https://issues.apache.org/jira/browse/AMQ-9370

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/AMQ-9370

reference_url

https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/

url

https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html

reference_url

https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/

url

https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html

reference_url

https://security.netapp.com/advisory/ntap-20231110-0010

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20231110-0010

reference_url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604

reference_url

https://www.openwall.com/lists/oss-security/2023/10/27/5

reference_id

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/

url

https://www.openwall.com/lists/oss-security/2023/10/27/5

reference_url

http://www.openwall.com/lists/oss-security/2023/10/27/5

reference_id

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2023/10/27/5

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054909
reference_id	1054909
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054909

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2246645
reference_id	2246645
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2246645

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2023-46604

reference_id

CVE-2023-46604

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://activemq.apache.org/security-advisories.data/CVE-2023-46604

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-46604

reference_id

CVE-2023-46604

reference_type

scores

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-46604

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt

reference_id

CVE-2023-46604-ANNOUNCEMENT.TXT

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	10.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt

reference_url

https://github.com/advisories/GHSA-crg9-44h2-xw35

reference_id

GHSA-crg9-44h2-xw35

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-crg9-44h2-xw35

reference_url

https://security.netapp.com/advisory/ntap-20231110-0010/

reference_id

ntap-20231110-0010

reference_type

scores

value	10
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/

url

https://security.netapp.com/advisory/ntap-20231110-0010/

reference_url	https://access.redhat.com/errata/RHSA-2023:6849
reference_id	RHSA-2023:6849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6849

reference_url	https://access.redhat.com/errata/RHSA-2023:6866
reference_id	RHSA-2023:6866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6866

reference_url	https://access.redhat.com/errata/RHSA-2023:6877
reference_id	RHSA-2023:6877
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6877

reference_url	https://access.redhat.com/errata/RHSA-2023:6878
reference_id	RHSA-2023:6878
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6878

reference_url	https://access.redhat.com/errata/RHSA-2023:6879
reference_id	RHSA-2023:6879
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6879

reference_url	https://usn.ubuntu.com/6910-1/
reference_id	USN-6910-1
reference_type
scores
url	https://usn.ubuntu.com/6910-1/

reference_url	https://usn.ubuntu.com/7268-1/
reference_id	USN-7268-1
reference_type
scores
url	https://usn.ubuntu.com/7268-1/

fixed_packages

url pkg:maven/org.apache.activemq/activemq-all@5.15.16

purl pkg:maven/org.apache.activemq/activemq-all@5.15.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-k4jb-36cp-1fc4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.15.16

url	pkg:maven/org.apache.activemq/activemq-all@5.16.7
purl	pkg:maven/org.apache.activemq/activemq-all@5.16.7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.16.7

url	pkg:maven/org.apache.activemq/activemq-all@5.17.6
purl	pkg:maven/org.apache.activemq/activemq-all@5.17.6
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.17.6

url	pkg:maven/org.apache.activemq/activemq-all@5.18.3
purl	pkg:maven/org.apache.activemq/activemq-all@5.18.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.18.3

aliases CVE-2023-46604, GHSA-crg9-44h2-xw35

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5x2-zvxa-yba5

url VCID-fb7w-5fvt-zqe3

vulnerability_id VCID-fb7w-5fvt-zqe3

summary

Cross-site Scripting
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the `queue.jsp` page of Apache ActiveMQ.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8006.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8006.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-8006

reference_id

reference_type

scores

value	0.79947
scoring_system	epss
scoring_elements	0.99107
published_at	2026-04-18T12:55:00Z

value	0.79947
scoring_system	epss
scoring_elements	0.99105
published_at	2026-04-13T12:55:00Z

value	0.79947
scoring_system	epss
scoring_elements	0.99104
published_at	2026-04-11T12:55:00Z

value	0.79947
scoring_system	epss
scoring_elements	0.9911
published_at	2026-04-21T12:55:00Z

value	0.79947
scoring_system	epss
scoring_elements	0.99102
published_at	2026-04-07T12:55:00Z

value	0.79947
scoring_system	epss
scoring_elements	0.99099
published_at	2026-04-04T12:55:00Z

value	0.79947
scoring_system	epss
scoring_elements	0.99095
published_at	2026-04-01T12:55:00Z

value	0.79947
scoring_system	epss
scoring_elements	0.99096
published_at	2026-04-02T12:55:00Z

value	0.79947
scoring_system	epss
scoring_elements	0.99103
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-8006

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8006
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8006

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://github.com/apache/activemq/commit/2373aa1

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/2373aa1

reference_url

https://github.com/apache/activemq/commit/d8c80a98212ee5d73a281483a2f8b3f517465f62

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/d8c80a98212ee5d73a281483a2f8b3f517465f62

reference_url

https://issues.apache.org/jira/browse/AMQ-6954

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/AMQ-6954

reference_url

https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/3f1e41bc9153936e065ca3094bd89ff8167ad2d39ac0b410f24382d2@%3Cgitbox.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/3f1e41bc9153936e065ca3094bd89ff8167ad2d39ac0b410f24382d2@%3Cgitbox.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c0ec53b72b3240b187afb1cf67e4309a9e5f607282010aa196734814@%3Cgitbox.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/c0ec53b72b3240b187afb1cf67e4309a9e5f607282010aa196734814@%3Cgitbox.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E

reference_url

https://web.archive.org/web/20200227115717/http://www.securityfocus.com/bid/105156

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200227115717/http://www.securityfocus.com/bid/105156

reference_url	http://www.securityfocus.com/bid/105156
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/105156

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1622774
reference_id	1622774
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1622774

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-8006

reference_id

CVE-2018-8006

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2018-8006

reference_url

http://activemq.apache.org/security-advisories.data/CVE-2018-8006-announcement.txt

reference_id

CVE-2018-8006-ANNOUNCEMENT.TXT

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/security-advisories.data/CVE-2018-8006-announcement.txt

reference_url

https://github.com/advisories/GHSA-hvwm-2624-rp9x

reference_id

GHSA-hvwm-2624-rp9x

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hvwm-2624-rp9x

fixed_packages

url pkg:maven/org.apache.activemq/activemq-all@5.15.6

purl pkg:maven/org.apache.activemq/activemq-all@5.15.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-37ws-cqf7-4udm

vulnerability	VCID-6fqa-fzda-x3ej

vulnerability	VCID-9z4y-wq57-vyaf

vulnerability	VCID-f5x2-zvxa-yba5

vulnerability	VCID-k4jb-36cp-1fc4

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.15.6

aliases CVE-2018-8006, GHSA-hvwm-2624-rp9x

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fb7w-5fvt-zqe3

url VCID-k4jb-36cp-1fc4

vulnerability_id VCID-k4jb-36cp-1fc4

summary

False positive
This advisory has been marked as a false positive.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41678.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41678.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-41678

reference_id

reference_type

scores

value	0.9303
scoring_system	epss
scoring_elements	0.99786
published_at	2026-04-21T12:55:00Z

value	0.93623
scoring_system	epss
scoring_elements	0.99838
published_at	2026-04-12T12:55:00Z

value	0.93623
scoring_system	epss
scoring_elements	0.99837
published_at	2026-04-04T12:55:00Z

value	0.93623
scoring_system	epss
scoring_elements	0.99839
published_at	2026-04-13T12:55:00Z

value	0.93623
scoring_system	epss
scoring_elements	0.9984
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-41678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41678

reference_url

https://github.com/apache/activemq

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq

reference_url

https://github.com/apache/activemq/commit/5c8d457d9

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/5c8d457d9

reference_url

https://github.com/apache/activemq/commit/6120169e563b55323352431dfe9ac67a8b4de6c2

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/6120169e563b55323352431dfe9ac67a8b4de6c2

reference_url

https://github.com/apache/activemq/commit/bf65929fd

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/bf65929fd

reference_url

https://github.com/apache/activemq/commit/d8ce1d9ff

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/d8ce1d9ff

reference_url

https://github.com/apache/activemq/pull/958

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/pull/958

reference_url

https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl

reference_url

https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html

reference_url

https://security.netapp.com/advisory/ntap-20240216-0004

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240216-0004

reference_url

https://www.openwall.com/lists/oss-security/2023/11/28/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.openwall.com/lists/oss-security/2023/11/28/1

reference_url

http://www.openwall.com/lists/oss-security/2023/11/28/1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2023/11/28/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2252185
reference_id	2252185
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2252185

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-41678

reference_id

CVE-2022-41678

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-41678

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt

reference_id

CVE-2022-41678-ANNOUNCEMENT.TXT

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt

reference_url

https://github.com/advisories/GHSA-53v4-42fg-g287

reference_id

GHSA-53v4-42fg-g287

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-53v4-42fg-g287

reference_url	https://access.redhat.com/errata/RHSA-2024:2944
reference_id	RHSA-2024:2944
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2944

reference_url	https://usn.ubuntu.com/6910-1/
reference_id	USN-6910-1
reference_type
scores
url	https://usn.ubuntu.com/6910-1/

reference_url	https://usn.ubuntu.com/7268-1/
reference_id	USN-7268-1
reference_type
scores
url	https://usn.ubuntu.com/7268-1/

fixed_packages

url pkg:maven/org.apache.activemq/activemq-all@5.16.6

purl pkg:maven/org.apache.activemq/activemq-all@5.16.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f5x2-zvxa-yba5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.16.6

url pkg:maven/org.apache.activemq/activemq-all@5.17.4

purl pkg:maven/org.apache.activemq/activemq-all@5.17.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f5x2-zvxa-yba5

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.17.4

aliases CVE-2022-41678, GHSA-53v4-42fg-g287

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4jb-36cp-1fc4

Fixing_vulnerabilities

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-all@5.14.1

Package Instance