Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.activemq/activemq-client@5.12.0
Typemaven
Namespaceorg.apache.activemq
Nameactivemq-client
Version5.12.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.16.8
Latest_non_vulnerable_version6.2.4
Affected_by_vulnerabilities
0
url VCID-37ws-cqf7-4udm
vulnerability_id VCID-37ws-cqf7-4udm
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13947
reference_id
reference_type
scores
0
value 0.04029
scoring_system epss
scoring_elements 0.88498
published_at 2026-04-21T12:55:00Z
1
value 0.04029
scoring_system epss
scoring_elements 0.88504
published_at 2026-04-16T12:55:00Z
2
value 0.04029
scoring_system epss
scoring_elements 0.88435
published_at 2026-04-01T12:55:00Z
3
value 0.04029
scoring_system epss
scoring_elements 0.885
published_at 2026-04-18T12:55:00Z
4
value 0.04029
scoring_system epss
scoring_elements 0.88489
published_at 2026-04-13T12:55:00Z
5
value 0.04029
scoring_system epss
scoring_elements 0.8849
published_at 2026-04-12T12:55:00Z
6
value 0.04029
scoring_system epss
scoring_elements 0.88497
published_at 2026-04-11T12:55:00Z
7
value 0.04029
scoring_system epss
scoring_elements 0.88487
published_at 2026-04-09T12:55:00Z
8
value 0.04029
scoring_system epss
scoring_elements 0.88481
published_at 2026-04-08T12:55:00Z
9
value 0.04029
scoring_system epss
scoring_elements 0.88462
published_at 2026-04-07T12:55:00Z
10
value 0.04029
scoring_system epss
scoring_elements 0.88459
published_at 2026-04-04T12:55:00Z
11
value 0.04029
scoring_system epss
scoring_elements 0.88443
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13947
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13947
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13947
2
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
3
reference_url https://github.com/apache/activemq/commit/177eb71c52069712bcc9fe14c70e079cc2671a80
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/177eb71c52069712bcc9fe14c70e079cc2671a80
4
reference_url https://github.com/apache/activemq/compare/activemq-5.16.0...activemq-5.16.1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/compare/activemq-5.16.0...activemq-5.16.1
5
reference_url https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E
8
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
9
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13947
reference_id CVE-2020-13947
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13947
11
reference_url http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt
reference_id CVE-2020-13947-ANNOUNCEMENT.TXT
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt
12
reference_url https://github.com/advisories/GHSA-66gw-ch5v-74v8
reference_id GHSA-66gw-ch5v-74v8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-66gw-ch5v-74v8
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.15.14
purl pkg:maven/org.apache.activemq/activemq-client@5.15.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-f5x2-zvxa-yba5
1
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.15.14
1
url pkg:maven/org.apache.activemq/activemq-client@5.16.1
purl pkg:maven/org.apache.activemq/activemq-client@5.16.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-f5x2-zvxa-yba5
1
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.16.1
aliases CVE-2020-13947, GHSA-66gw-ch5v-74v8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-37ws-cqf7-4udm
1
url VCID-99na-8tpm-syh1
vulnerability_id VCID-99na-8tpm-syh1
summary The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1424
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1424
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0734.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0734.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0734
reference_id
reference_type
scores
0
value 0.02975
scoring_system epss
scoring_elements 0.86527
published_at 2026-04-21T12:55:00Z
1
value 0.02975
scoring_system epss
scoring_elements 0.86449
published_at 2026-04-01T12:55:00Z
2
value 0.02975
scoring_system epss
scoring_elements 0.86459
published_at 2026-04-02T12:55:00Z
3
value 0.02975
scoring_system epss
scoring_elements 0.86478
published_at 2026-04-04T12:55:00Z
4
value 0.02975
scoring_system epss
scoring_elements 0.86477
published_at 2026-04-07T12:55:00Z
5
value 0.02975
scoring_system epss
scoring_elements 0.86497
published_at 2026-04-08T12:55:00Z
6
value 0.02975
scoring_system epss
scoring_elements 0.86507
published_at 2026-04-09T12:55:00Z
7
value 0.02975
scoring_system epss
scoring_elements 0.86522
published_at 2026-04-11T12:55:00Z
8
value 0.02975
scoring_system epss
scoring_elements 0.86519
published_at 2026-04-12T12:55:00Z
9
value 0.02975
scoring_system epss
scoring_elements 0.86513
published_at 2026-04-13T12:55:00Z
10
value 0.02975
scoring_system epss
scoring_elements 0.86528
published_at 2026-04-16T12:55:00Z
11
value 0.02975
scoring_system epss
scoring_elements 0.86534
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0734
3
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
4
reference_url https://github.com/apache/activemq/commit/028a33ea7d73fabe6161defffdbfc85578328a68
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/028a33ea7d73fabe6161defffdbfc85578328a68
5
reference_url https://github.com/apache/activemq/commit/24ad36778534c5ac888f880837075449169578ad
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/24ad36778534c5ac888f880837075449169578ad
6
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
8
reference_url http://www.openwall.com/lists/oss-security/2016/03/10/11
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/03/10/11
9
reference_url http://www.securityfocus.com/bid/84321
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/84321
10
reference_url http://www.securitytracker.com/id/1035327
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035327
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1317520
reference_id 1317520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1317520
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.2:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.13.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.13.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.13.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0734
reference_id CVE-2016-0734
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0734
40
reference_url http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt
reference_id CVE-2016-0734-ANNOUNCEMENT.TXT
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt
41
reference_url https://github.com/advisories/GHSA-w525-w93j-rxgm
reference_id GHSA-w525-w93j-rxgm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w525-w93j-rxgm
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.13.2
purl pkg:maven/org.apache.activemq/activemq-client@5.13.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-9z4y-wq57-vyaf
2
vulnerability VCID-f5x2-zvxa-yba5
3
vulnerability VCID-nq1y-96n5-eugd
4
vulnerability VCID-q6zs-spcv-v7ey
5
vulnerability VCID-uw15-q255-zbe8
6
vulnerability VCID-xttf-9hx8-fbdb
7
vulnerability VCID-y7sj-71h1-3qhr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.13.2
aliases CVE-2016-0734, GHSA-w525-w93j-rxgm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-99na-8tpm-syh1
2
url VCID-9z4y-wq57-vyaf
vulnerability_id VCID-9z4y-wq57-vyaf
summary 
Code Injection
In Apache ActiveMQ, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
references
0
reference_url http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0222.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0222.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0222
reference_id
reference_type
scores
0
value 0.10284
scoring_system epss
scoring_elements 0.93183
published_at 2026-04-16T12:55:00Z
1
value 0.10284
scoring_system epss
scoring_elements 0.93166
published_at 2026-04-13T12:55:00Z
2
value 0.10284
scoring_system epss
scoring_elements 0.93165
published_at 2026-04-12T12:55:00Z
3
value 0.10284
scoring_system epss
scoring_elements 0.93137
published_at 2026-04-01T12:55:00Z
4
value 0.10284
scoring_system epss
scoring_elements 0.93196
published_at 2026-04-21T12:55:00Z
5
value 0.10284
scoring_system epss
scoring_elements 0.93187
published_at 2026-04-18T12:55:00Z
6
value 0.10284
scoring_system epss
scoring_elements 0.93168
published_at 2026-04-11T12:55:00Z
7
value 0.10284
scoring_system epss
scoring_elements 0.93162
published_at 2026-04-09T12:55:00Z
8
value 0.10284
scoring_system epss
scoring_elements 0.93158
published_at 2026-04-08T12:55:00Z
9
value 0.10284
scoring_system epss
scoring_elements 0.93149
published_at 2026-04-07T12:55:00Z
10
value 0.10284
scoring_system epss
scoring_elements 0.93151
published_at 2026-04-04T12:55:00Z
11
value 0.10284
scoring_system epss
scoring_elements 0.93147
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0222
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0222
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0222
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://github.com/apache/activemq/commit/98b9f2e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/98b9f2e
6
reference_url https://github.com/apache/activemq/commit/f78c0962ffb46fae3397eed6b7ec1e6e15045031
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/f78c0962ffb46fae3397eed6b7ec1e6e15045031
7
reference_url https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1%40%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1%40%3Cdev.activemq.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc%40%3Ccommits.activemq.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485@%3Cdev.activemq.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485%40%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485%40%3Cdev.activemq.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488@%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488@%3Cusers.activemq.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488%40%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488%40%3Cusers.activemq.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa@%3Ccommits.activemq.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa%40%3Ccommits.activemq.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b%40%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b%40%3Cdev.activemq.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7%40%3Ccommits.activemq.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d%40%3Ccommits.activemq.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a%40%3Ccommits.activemq.apache.org%3E
27
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00004.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00004.html
28
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html
29
reference_url https://security.netapp.com/advisory/ntap-20190502-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190502-0006
30
reference_url https://security.netapp.com/advisory/ntap-20190502-0006/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190502-0006/
31
reference_url https://web.archive.org/web/20190404065432/http://www.securityfocus.com/bid/107622
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20190404065432/http://www.securityfocus.com/bid/107622
32
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
33
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
34
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
35
reference_url http://www.openwall.com/lists/oss-security/2019/03/27/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/03/27/2
36
reference_url http://www.securityfocus.com/bid/107622
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/107622
37
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1696012
reference_id 1696012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1696012
38
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925964
reference_id 925964
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925964
39
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988109
reference_id 988109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988109
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0222
reference_id CVE-2019-0222
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0222
54
reference_url https://github.com/advisories/GHSA-jpv3-g4cc-6vfx
reference_id GHSA-jpv3-g4cc-6vfx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpv3-g4cc-6vfx
55
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
56
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
57
reference_url https://usn.ubuntu.com/6685-1/
reference_id USN-6685-1
reference_type
scores
url https://usn.ubuntu.com/6685-1/
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.15.9
purl pkg:maven/org.apache.activemq/activemq-client@5.15.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-f5x2-zvxa-yba5
2
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.15.9
aliases CVE-2019-0222, GHSA-jpv3-g4cc-6vfx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9z4y-wq57-vyaf
3
url VCID-brq9-y937-8faz
vulnerability_id VCID-brq9-y937-8faz
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting (XSS) attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a queue.
references
0
reference_url http://packetstormsecurity.com/files/136215/Apache-ActiveMQ-5.13.0-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/136215/Apache-ActiveMQ-5.13.0-Cross-Site-Scripting.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1424
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1424
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0782.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0782.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0782
reference_id
reference_type
scores
0
value 0.01162
scoring_system epss
scoring_elements 0.78625
published_at 2026-04-21T12:55:00Z
1
value 0.01162
scoring_system epss
scoring_elements 0.78552
published_at 2026-04-01T12:55:00Z
2
value 0.01162
scoring_system epss
scoring_elements 0.78559
published_at 2026-04-02T12:55:00Z
3
value 0.01162
scoring_system epss
scoring_elements 0.7859
published_at 2026-04-04T12:55:00Z
4
value 0.01162
scoring_system epss
scoring_elements 0.78572
published_at 2026-04-07T12:55:00Z
5
value 0.01162
scoring_system epss
scoring_elements 0.78597
published_at 2026-04-08T12:55:00Z
6
value 0.01162
scoring_system epss
scoring_elements 0.78603
published_at 2026-04-09T12:55:00Z
7
value 0.01162
scoring_system epss
scoring_elements 0.78628
published_at 2026-04-18T12:55:00Z
8
value 0.01162
scoring_system epss
scoring_elements 0.7861
published_at 2026-04-12T12:55:00Z
9
value 0.01162
scoring_system epss
scoring_elements 0.78601
published_at 2026-04-13T12:55:00Z
10
value 0.01162
scoring_system epss
scoring_elements 0.78631
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0782
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1317516
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1317516
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0782
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0782
6
reference_url https://github.com/apache/activemq/commit/0c9fdb5b4180c1ae800bbc8bae7a2c0620f6749b
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/0c9fdb5b4180c1ae800bbc8bae7a2c0620f6749b
7
reference_url https://github.com/apache/activemq/commit/2061186a0a2486aebf26c4ceb8126933ed01826e
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/2061186a0a2486aebf26c4ceb8126933ed01826e
8
reference_url https://github.com/apache/activemq/commit/7828069637acb2f1ca1710523f6a2b216c12c7f8
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/7828069637acb2f1ca1710523f6a2b216c12c7f8
9
reference_url https://github.com/apache/activemq/compare/activemq-5.13.1...activemq-5.13.2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/compare/activemq-5.13.1...activemq-5.13.2
10
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
12
reference_url http://www.securityfocus.com/archive/1/537760/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/537760/100/0/threaded
13
reference_url http://www.securitytracker.com/id/1035328
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035328
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.13.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.13.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.13.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.13.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0782
reference_id CVE-2016-0782
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0782
43
reference_url http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
reference_id CVE-2016-0782-ANNOUNCEMENT.TXT
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2016-0782-announcement.txt
44
reference_url https://github.com/advisories/GHSA-8rcq-p4gh-vmj8
reference_id GHSA-8rcq-p4gh-vmj8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8rcq-p4gh-vmj8
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.12.3
purl pkg:maven/org.apache.activemq/activemq-client@5.12.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-99na-8tpm-syh1
2
vulnerability VCID-9z4y-wq57-vyaf
3
vulnerability VCID-f5x2-zvxa-yba5
4
vulnerability VCID-nq1y-96n5-eugd
5
vulnerability VCID-pf5e-93cg-guav
6
vulnerability VCID-q6zs-spcv-v7ey
7
vulnerability VCID-uw15-q255-zbe8
8
vulnerability VCID-xttf-9hx8-fbdb
9
vulnerability VCID-y7sj-71h1-3qhr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.12.3
1
url pkg:maven/org.apache.activemq/activemq-client@5.13.2
purl pkg:maven/org.apache.activemq/activemq-client@5.13.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-9z4y-wq57-vyaf
2
vulnerability VCID-f5x2-zvxa-yba5
3
vulnerability VCID-nq1y-96n5-eugd
4
vulnerability VCID-q6zs-spcv-v7ey
5
vulnerability VCID-uw15-q255-zbe8
6
vulnerability VCID-xttf-9hx8-fbdb
7
vulnerability VCID-y7sj-71h1-3qhr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.13.2
aliases CVE-2016-0782, GHSA-8rcq-p4gh-vmj8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-brq9-y937-8faz
4
url VCID-f5x2-zvxa-yba5
vulnerability_id VCID-f5x2-zvxa-yba5
summary 
False positive
This advisory has been marked as a false positive.
references
0
reference_url http://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46604.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46604.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46604
reference_id
reference_type
scores
0
value 0.94436
scoring_system epss
scoring_elements 0.99987
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46604
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46604
4
reference_url http://seclists.org/fulldisclosure/2024/Apr/18
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url http://seclists.org/fulldisclosure/2024/Apr/18
5
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
6
reference_url https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc
7
reference_url https://github.com/apache/activemq/commit/80089f9f476afab7d976f5fc37c5ab4aa0c2139d
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/80089f9f476afab7d976f5fc37c5ab4aa0c2139d
8
reference_url https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f
9
reference_url https://github.com/apache/activemq/commit/9905e2a5bf9862a049f94ce0a2465b0c7ad52436
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/9905e2a5bf9862a049f94ce0a2465b0c7ad52436
10
reference_url https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0
11
reference_url https://github.com/apache/activemq/pull/1098
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/pull/1098
12
reference_url https://issues.apache.org/jira/browse/AMQ-9370
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-9370
13
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html
14
reference_url https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html
15
reference_url https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
16
reference_url https://security.netapp.com/advisory/ntap-20231110-0010
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231110-0010
17
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604
18
reference_url https://www.openwall.com/lists/oss-security/2023/10/27/5
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://www.openwall.com/lists/oss-security/2023/10/27/5
19
reference_url http://www.openwall.com/lists/oss-security/2023/10/27/5
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/10/27/5
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054909
reference_id 1054909
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054909
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2246645
reference_id 2246645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2246645
22
reference_url https://activemq.apache.org/security-advisories.data/CVE-2023-46604
reference_id CVE-2023-46604
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://activemq.apache.org/security-advisories.data/CVE-2023-46604
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46604
reference_id CVE-2023-46604
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-46604
24
reference_url https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
reference_id CVE-2023-46604-ANNOUNCEMENT.TXT
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
25
reference_url https://github.com/advisories/GHSA-crg9-44h2-xw35
reference_id GHSA-crg9-44h2-xw35
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-crg9-44h2-xw35
26
reference_url https://security.netapp.com/advisory/ntap-20231110-0010/
reference_id ntap-20231110-0010
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://security.netapp.com/advisory/ntap-20231110-0010/
27
reference_url https://access.redhat.com/errata/RHSA-2023:6849
reference_id RHSA-2023:6849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6849
28
reference_url https://access.redhat.com/errata/RHSA-2023:6866
reference_id RHSA-2023:6866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6866
29
reference_url https://access.redhat.com/errata/RHSA-2023:6877
reference_id RHSA-2023:6877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6877
30
reference_url https://access.redhat.com/errata/RHSA-2023:6878
reference_id RHSA-2023:6878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6878
31
reference_url https://access.redhat.com/errata/RHSA-2023:6879
reference_id RHSA-2023:6879
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6879
32
reference_url https://usn.ubuntu.com/6910-1/
reference_id USN-6910-1
reference_type
scores
url https://usn.ubuntu.com/6910-1/
33
reference_url https://usn.ubuntu.com/7268-1/
reference_id USN-7268-1
reference_type
scores
url https://usn.ubuntu.com/7268-1/
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.15.16
purl pkg:maven/org.apache.activemq/activemq-client@5.15.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.15.16
1
url pkg:maven/org.apache.activemq/activemq-client@5.16.7
purl pkg:maven/org.apache.activemq/activemq-client@5.16.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.16.7
2
url pkg:maven/org.apache.activemq/activemq-client@5.17.6
purl pkg:maven/org.apache.activemq/activemq-client@5.17.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.17.6
3
url pkg:maven/org.apache.activemq/activemq-client@5.18.3
purl pkg:maven/org.apache.activemq/activemq-client@5.18.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.18.3
aliases CVE-2023-46604, GHSA-crg9-44h2-xw35
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5x2-zvxa-yba5
5
url VCID-nq1y-96n5-eugd
vulnerability_id VCID-nq1y-96n5-eugd
summary The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.
references
0
reference_url http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-2036.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url http://rhn.redhat.com/errata/RHSA-2016-2036.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3088.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3088.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3088
reference_id
reference_type
scores
0
value 0.94226
scoring_system epss
scoring_elements 0.99926
published_at 2026-04-21T12:55:00Z
1
value 0.94294
scoring_system epss
scoring_elements 0.99942
published_at 2026-04-08T12:55:00Z
2
value 0.94294
scoring_system epss
scoring_elements 0.99943
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3088
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3088
5
reference_url https://github.com/apache/activemq/commit/3dd86d04e8b90ba309819317d19e7260d414d9e7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/3dd86d04e8b90ba309819317d19e7260d414d9e7
6
reference_url https://issues.apache.org/jira/browse/AMQ-6276
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-6276
7
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/f956ea38e4da2e2c1e7131e6f91e41754852f5a4861d1a14ca5ca78a@%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f956ea38e4da2e2c1e7131e6f91e41754852f5a4861d1a14ca5ca78a@%3Cusers.activemq.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/f956ea38e4da2e2c1e7131e6f91e41754852f5a4861d1a14ca5ca78a%40%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url https://lists.apache.org/thread.html/f956ea38e4da2e2c1e7131e6f91e41754852f5a4861d1a14ca5ca78a%40%3Cusers.activemq.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
13
reference_url https://stackoverflow.com/questions/67140241/configuring-activemq-webconsole-to-redirect-http-to-https
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://stackoverflow.com/questions/67140241/configuring-activemq-webconsole-to-redirect-http-to-https
14
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3088
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-3088
15
reference_url https://www.exploit-db.com/exploits/42283
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/42283
16
reference_url https://www.exploit-db.com/exploits/42283/
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url https://www.exploit-db.com/exploits/42283/
17
reference_url http://www.securitytracker.com/id/1035951
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url http://www.securitytracker.com/id/1035951
18
reference_url http://www.zerodayinitiative.com/advisories/ZDI-16-356
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url http://www.zerodayinitiative.com/advisories/ZDI-16-356
19
reference_url http://www.zerodayinitiative.com/advisories/ZDI-16-357
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:28:15Z/
url http://www.zerodayinitiative.com/advisories/ZDI-16-357
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1339318
reference_id 1339318
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1339318
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
22
reference_url https://github.com/rapid7/metasploit-framework/blob/43d8c4c5e7450d46eba2f18e6e0b6ba70c6dc671/modules/exploits/multi/http/apache_activemq_upload_jsp.rb
reference_id CVE-2016-3088
reference_type exploit
scores
url https://github.com/rapid7/metasploit-framework/blob/43d8c4c5e7450d46eba2f18e6e0b6ba70c6dc671/modules/exploits/multi/http/apache_activemq_upload_jsp.rb
23
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/42283.rb
reference_id CVE-2016-3088
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/42283.rb
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3088
reference_id CVE-2016-3088
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3088
25
reference_url https://github.com/advisories/GHSA-rxqh-fc23-gxp2
reference_id GHSA-rxqh-fc23-gxp2
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rxqh-fc23-gxp2
26
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
27
reference_url https://access.redhat.com/errata/RHSA-2016:2036
reference_id RHSA-2016:2036
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2036
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.14.0
purl pkg:maven/org.apache.activemq/activemq-client@5.14.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-9z4y-wq57-vyaf
2
vulnerability VCID-f5x2-zvxa-yba5
3
vulnerability VCID-q6zs-spcv-v7ey
4
vulnerability VCID-uw15-q255-zbe8
5
vulnerability VCID-xttf-9hx8-fbdb
6
vulnerability VCID-y7sj-71h1-3qhr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.14.0
aliases CVE-2016-3088, GHSA-rxqh-fc23-gxp2
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nq1y-96n5-eugd
6
url VCID-pf5e-93cg-guav
vulnerability_id VCID-pf5e-93cg-guav
summary Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174371.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174371.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174537.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174537.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2016-2035.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2035.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2016-2036.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-2036.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5254.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5254.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5254
reference_id
reference_type
scores
0
value 0.8038
scoring_system epss
scoring_elements 0.99128
published_at 2026-04-21T12:55:00Z
1
value 0.8038
scoring_system epss
scoring_elements 0.99114
published_at 2026-04-01T12:55:00Z
2
value 0.8038
scoring_system epss
scoring_elements 0.99115
published_at 2026-04-02T12:55:00Z
3
value 0.8038
scoring_system epss
scoring_elements 0.99118
published_at 2026-04-04T12:55:00Z
4
value 0.8038
scoring_system epss
scoring_elements 0.99121
published_at 2026-04-07T12:55:00Z
5
value 0.8038
scoring_system epss
scoring_elements 0.99122
published_at 2026-04-08T12:55:00Z
6
value 0.8038
scoring_system epss
scoring_elements 0.99123
published_at 2026-04-13T12:55:00Z
7
value 0.8038
scoring_system epss
scoring_elements 0.99125
published_at 2026-04-16T12:55:00Z
8
value 0.8038
scoring_system epss
scoring_elements 0.99126
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5254
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5254
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5254
8
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
9
reference_url https://github.com/apache/activemq/commit/6f03921b31d9fefeddb0f4fa63150ed1f94a14b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/6f03921b31d9fefeddb0f4fa63150ed1f94a14b
10
reference_url https://github.com/apache/activemq/commit/73a0caf758f9e4916783a205c7e422b4db27905
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/73a0caf758f9e4916783a205c7e422b4db27905
11
reference_url https://github.com/apache/activemq/commit/7eb9b218b2705cf9273e30ee2da026e43b6dd4e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/7eb9b218b2705cf9273e30ee2da026e43b6dd4e
12
reference_url https://github.com/apache/activemq/commit/a7e2a44fe8d4435ae99532eb0ab852e6247f7b16
reference_id
reference_type
scores
url https://github.com/apache/activemq/commit/a7e2a44fe8d4435ae99532eb0ab852e6247f7b16
13
reference_url https://github.com/apache/activemq/commit/d7a3b9406b8496c3f1508bebf3c7ff5367374b90
reference_id
reference_type
scores
url https://github.com/apache/activemq/commit/d7a3b9406b8496c3f1508bebf3c7ff5367374b90
14
reference_url https://github.com/apache/activemq/commit/e100638244c4ca5eb2a1f16bcdc671c9859c2694
reference_id
reference_type
scores
url https://github.com/apache/activemq/commit/e100638244c4ca5eb2a1f16bcdc671c9859c2694
15
reference_url https://github.com/apache/activemq/commit/e7a4b53f799685e337972dd36ba0253c04bcc01
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/e7a4b53f799685e337972dd36ba0253c04bcc01
16
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
17
reference_url https://issues.apache.org/jira/browse/AMQ-6013
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-6013
18
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
20
reference_url http://www.debian.org/security/2016/dsa-3524
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3524
21
reference_url http://www.openwall.com/lists/oss-security/2015/12/08/6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/12/08/6
22
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
23
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1291292
reference_id 1291292
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1291292
25
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809733
reference_id 809733
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809733
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.1:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.2:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.0:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.1:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5254
reference_id CVE-2015-5254
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5254
54
reference_url http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt
reference_id CVE-2015-5254-ANNOUNCEMENT.TXT
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt
55
reference_url https://github.com/advisories/GHSA-q9hr-3pg4-3jp4
reference_id GHSA-q9hr-3pg4-3jp4
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q9hr-3pg4-3jp4
56
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
57
reference_url https://access.redhat.com/errata/RHSA-2016:2035
reference_id RHSA-2016:2035
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2035
58
reference_url https://access.redhat.com/errata/RHSA-2016:2036
reference_id RHSA-2016:2036
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2036
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.12.2
purl pkg:maven/org.apache.activemq/activemq-client@5.12.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-99na-8tpm-syh1
2
vulnerability VCID-9z4y-wq57-vyaf
3
vulnerability VCID-brq9-y937-8faz
4
vulnerability VCID-f5x2-zvxa-yba5
5
vulnerability VCID-nq1y-96n5-eugd
6
vulnerability VCID-pf5e-93cg-guav
7
vulnerability VCID-q6zs-spcv-v7ey
8
vulnerability VCID-uw15-q255-zbe8
9
vulnerability VCID-xttf-9hx8-fbdb
10
vulnerability VCID-y7sj-71h1-3qhr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.12.2
1
url pkg:maven/org.apache.activemq/activemq-client@5.13.0
purl pkg:maven/org.apache.activemq/activemq-client@5.13.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-99na-8tpm-syh1
2
vulnerability VCID-9z4y-wq57-vyaf
3
vulnerability VCID-brq9-y937-8faz
4
vulnerability VCID-f5x2-zvxa-yba5
5
vulnerability VCID-nq1y-96n5-eugd
6
vulnerability VCID-q6zs-spcv-v7ey
7
vulnerability VCID-uw15-q255-zbe8
8
vulnerability VCID-xttf-9hx8-fbdb
9
vulnerability VCID-y7sj-71h1-3qhr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.13.0
aliases CVE-2015-5254, GHSA-q9hr-3pg4-3jp4
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pf5e-93cg-guav
7
url VCID-q6zs-spcv-v7ey
vulnerability_id VCID-q6zs-spcv-v7ey
summary 
Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ.

During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on the availability of the ActiveMQ broker when not using mutual TLS connections.
This issue affects Apache ActiveMQ: from 6.0.0 before 6.1.6, from 5.18.0 before 5.18.7, from 5.17.0 before 5.17.7, before 5.16.8. ActiveMQ 5.19.0 is not affected.

Users are recommended to upgrade to version 6.1.6+, 5.19.0+,  5.18.7+, 5.17.7, or 5.16.8 or which fixes the issue.

Existing users may implement mutual TLS to mitigate the risk on affected brokers.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27533.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27533.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27533
reference_id
reference_type
scores
0
value 0.02253
scoring_system epss
scoring_elements 0.84618
published_at 2026-04-21T12:55:00Z
1
value 0.02253
scoring_system epss
scoring_elements 0.84617
published_at 2026-04-18T12:55:00Z
2
value 0.02253
scoring_system epss
scoring_elements 0.84616
published_at 2026-04-16T12:55:00Z
3
value 0.02253
scoring_system epss
scoring_elements 0.84597
published_at 2026-04-13T12:55:00Z
4
value 0.02253
scoring_system epss
scoring_elements 0.84601
published_at 2026-04-12T12:55:00Z
5
value 0.02253
scoring_system epss
scoring_elements 0.84606
published_at 2026-04-11T12:55:00Z
6
value 0.02253
scoring_system epss
scoring_elements 0.84534
published_at 2026-04-02T12:55:00Z
7
value 0.02253
scoring_system epss
scoring_elements 0.8458
published_at 2026-04-08T12:55:00Z
8
value 0.02253
scoring_system epss
scoring_elements 0.84559
published_at 2026-04-07T12:55:00Z
9
value 0.02253
scoring_system epss
scoring_elements 0.84555
published_at 2026-04-04T12:55:00Z
10
value 0.02253
scoring_system epss
scoring_elements 0.84587
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27533
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27533
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27533
3
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:D/RE:M/U:Red
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
4
reference_url https://github.com/apache/activemq/commit/fc4372b9f0f72b8b5eed917f0019c5cea45c5d06
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:D/RE:M/U:Red
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/fc4372b9f0f72b8b5eed917f0019c5cea45c5d06
5
reference_url https://issues.apache.org/jira/browse/AMQ-6596
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:D/RE:M/U:Red
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-6596
6
reference_url https://lists.apache.org/thread/8hcm25vf7mchg4zbbhnlx2lc5bs705hg
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:D/RE:M/U:Red
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T13:59:20Z/
url https://lists.apache.org/thread/8hcm25vf7mchg4zbbhnlx2lc5bs705hg
7
reference_url https://lists.debian.org/debian-lts-announce/2025/06/msg00020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:D/RE:M/U:Red
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/06/msg00020.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-27533
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:D/RE:M/U:Red
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-27533
9
reference_url http://www.openwall.com/lists/oss-security/2025/05/06/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/AU:Y/R:A/V:D/RE:M/U:Red
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/05/06/1
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104933
reference_id 1104933
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104933
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2364684
reference_id 2364684
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2364684
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52288.py
reference_id CVE-2025-27533
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52288.py
13
reference_url https://github.com/advisories/GHSA-whxr-3p84-rf3c
reference_id GHSA-whxr-3p84-rf3c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-whxr-3p84-rf3c
14
reference_url https://access.redhat.com/errata/RHSA-2025:17567
reference_id RHSA-2025:17567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:17567
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.16.8
purl pkg:maven/org.apache.activemq/activemq-client@5.16.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.16.8
1
url pkg:maven/org.apache.activemq/activemq-client@5.17.7
purl pkg:maven/org.apache.activemq/activemq-client@5.17.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.17.7
2
url pkg:maven/org.apache.activemq/activemq-client@5.18.7
purl pkg:maven/org.apache.activemq/activemq-client@5.18.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.18.7
3
url pkg:maven/org.apache.activemq/activemq-client@6.1.6
purl pkg:maven/org.apache.activemq/activemq-client@6.1.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@6.1.6
aliases CVE-2025-27533, GHSA-whxr-3p84-rf3c
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q6zs-spcv-v7ey
8
url VCID-uw15-q255-zbe8
vulnerability_id VCID-uw15-q255-zbe8
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6810.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6810.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6810
reference_id
reference_type
scores
0
value 0.02149
scoring_system epss
scoring_elements 0.84241
published_at 2026-04-13T12:55:00Z
1
value 0.02149
scoring_system epss
scoring_elements 0.84244
published_at 2026-04-12T12:55:00Z
2
value 0.02149
scoring_system epss
scoring_elements 0.84249
published_at 2026-04-11T12:55:00Z
3
value 0.02149
scoring_system epss
scoring_elements 0.84231
published_at 2026-04-09T12:55:00Z
4
value 0.02149
scoring_system epss
scoring_elements 0.84225
published_at 2026-04-08T12:55:00Z
5
value 0.02149
scoring_system epss
scoring_elements 0.84203
published_at 2026-04-07T12:55:00Z
6
value 0.02149
scoring_system epss
scoring_elements 0.84202
published_at 2026-04-04T12:55:00Z
7
value 0.02149
scoring_system epss
scoring_elements 0.84184
published_at 2026-04-02T12:55:00Z
8
value 0.02149
scoring_system epss
scoring_elements 0.84171
published_at 2026-04-01T12:55:00Z
9
value 0.02149
scoring_system epss
scoring_elements 0.84262
published_at 2026-04-16T12:55:00Z
10
value 0.02149
scoring_system epss
scoring_elements 0.84264
published_at 2026-04-18T12:55:00Z
11
value 0.02936
scoring_system epss
scoring_elements 0.86443
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6810
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6810
3
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
4
reference_url https://github.com/apache/activemq/commit/77b827f
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/77b827f
5
reference_url https://github.com/apache/activemq/commit/c1157fe1f007ee2344a7f0badefa0794c98817cd
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/c1157fe1f007ee2344a7f0badefa0794c98817cd
6
reference_url https://github.com/apache/activemq/commit/e16ed24
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/e16ed24
7
reference_url https://issues.apache.org/jira/browse/AMQ-6468
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-6468
8
reference_url https://lists.apache.org/thread.html/924a3a27fad192d711436421e02977ff90d9fc0f298e1efe6757cfbc@%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/924a3a27fad192d711436421e02977ff90d9fc0f298e1efe6757cfbc@%3Cusers.activemq.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/924a3a27fad192d711436421e02977ff90d9fc0f298e1efe6757cfbc%40%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/924a3a27fad192d711436421e02977ff90d9fc0f298e1efe6757cfbc%40%3Cusers.activemq.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
12
reference_url http://www.securityfocus.com/bid/94882
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94882
13
reference_url http://www.securitytracker.com/id/1037475
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037475
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1404645
reference_id 1404645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1404645
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-6810
reference_id CVE-2016-6810
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-6810
17
reference_url http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt
reference_id CVE-2016-6810-ANNOUNCEMENT.TXT
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt
18
reference_url https://github.com/advisories/GHSA-5jg4-p78r-p5j3
reference_id GHSA-5jg4-p78r-p5j3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5jg4-p78r-p5j3
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.14.2
purl pkg:maven/org.apache.activemq/activemq-client@5.14.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-9z4y-wq57-vyaf
2
vulnerability VCID-f5x2-zvxa-yba5
3
vulnerability VCID-q6zs-spcv-v7ey
4
vulnerability VCID-xttf-9hx8-fbdb
5
vulnerability VCID-y7sj-71h1-3qhr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.14.2
aliases CVE-2016-6810, GHSA-5jg4-p78r-p5j3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uw15-q255-zbe8
9
url VCID-xttf-9hx8-fbdb
vulnerability_id VCID-xttf-9hx8-fbdb
summary TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:3892
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3892
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11775.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11775.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11775
reference_id
reference_type
scores
0
value 0.00492
scoring_system epss
scoring_elements 0.6562
published_at 2026-04-13T12:55:00Z
1
value 0.00492
scoring_system epss
scoring_elements 0.65648
published_at 2026-04-12T12:55:00Z
2
value 0.00492
scoring_system epss
scoring_elements 0.65663
published_at 2026-04-11T12:55:00Z
3
value 0.00492
scoring_system epss
scoring_elements 0.65643
published_at 2026-04-09T12:55:00Z
4
value 0.00492
scoring_system epss
scoring_elements 0.65649
published_at 2026-04-21T12:55:00Z
5
value 0.00492
scoring_system epss
scoring_elements 0.65668
published_at 2026-04-18T12:55:00Z
6
value 0.00492
scoring_system epss
scoring_elements 0.65655
published_at 2026-04-16T12:55:00Z
7
value 0.00492
scoring_system epss
scoring_elements 0.65578
published_at 2026-04-07T12:55:00Z
8
value 0.00492
scoring_system epss
scoring_elements 0.65612
published_at 2026-04-04T12:55:00Z
9
value 0.00492
scoring_system epss
scoring_elements 0.65582
published_at 2026-04-02T12:55:00Z
10
value 0.00492
scoring_system epss
scoring_elements 0.65533
published_at 2026-04-01T12:55:00Z
11
value 0.00492
scoring_system epss
scoring_elements 0.6563
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11775
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11775
4
reference_url https://github.com/advisories/GHSA-m9w8-v359-9ffr
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-m9w8-v359-9ffr
5
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
6
reference_url https://github.com/apache/activemq/commit/02971a40e281713a8397d3a1809c164b594abfbb
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/02971a40e281713a8397d3a1809c164b594abfbb
7
reference_url https://github.com/apache/activemq/commit/bde7097fb8173cf871827df7811b3865679b963d
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/bde7097fb8173cf871827df7811b3865679b963d
8
reference_url https://issues.apache.org/jira/browse/AMQ-7047
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-7047
9
reference_url https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E
14
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html
15
reference_url http://www.securityfocus.com/bid/105335
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/105335
16
reference_url http://www.securitytracker.com/id/1041618
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1041618
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1629083
reference_id 1629083
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1629083
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908950
reference_id 908950
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908950
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11775
reference_id CVE-2018-11775
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-11775
20
reference_url http://activemq.apache.org/security-advisories.data/CVE-2018-11775-announcement.txt
reference_id CVE-2018-11775-ANNOUNCEMENT.TXT
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2018-11775-announcement.txt
21
reference_url https://usn.ubuntu.com/6910-1/
reference_id USN-6910-1
reference_type
scores
url https://usn.ubuntu.com/6910-1/
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.15.6
purl pkg:maven/org.apache.activemq/activemq-client@5.15.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-9z4y-wq57-vyaf
2
vulnerability VCID-f5x2-zvxa-yba5
3
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.15.6
aliases CVE-2018-11775, GHSA-m9w8-v359-9ffr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xttf-9hx8-fbdb
10
url VCID-y7sj-71h1-3qhr
vulnerability_id VCID-y7sj-71h1-3qhr
summary It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7559.json
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7559.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7559
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.24045
published_at 2026-04-21T12:55:00Z
1
value 0.00082
scoring_system epss
scoring_elements 0.24078
published_at 2026-04-01T12:55:00Z
2
value 0.00082
scoring_system epss
scoring_elements 0.24208
published_at 2026-04-02T12:55:00Z
3
value 0.00082
scoring_system epss
scoring_elements 0.24244
published_at 2026-04-04T12:55:00Z
4
value 0.00082
scoring_system epss
scoring_elements 0.2403
published_at 2026-04-07T12:55:00Z
5
value 0.00082
scoring_system epss
scoring_elements 0.24097
published_at 2026-04-08T12:55:00Z
6
value 0.00082
scoring_system epss
scoring_elements 0.24143
published_at 2026-04-09T12:55:00Z
7
value 0.00082
scoring_system epss
scoring_elements 0.2416
published_at 2026-04-11T12:55:00Z
8
value 0.00082
scoring_system epss
scoring_elements 0.24118
published_at 2026-04-12T12:55:00Z
9
value 0.00082
scoring_system epss
scoring_elements 0.24061
published_at 2026-04-13T12:55:00Z
10
value 0.00082
scoring_system epss
scoring_elements 0.24074
published_at 2026-04-16T12:55:00Z
11
value 0.00082
scoring_system epss
scoring_elements 0.24062
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7559
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7559
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7559
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7559
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7559
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://github.com/apache/activemq/commit/338a74dfa42a7b19d39adecacfa5f626a050e807
reference_id
reference_type
scores
url https://github.com/apache/activemq/commit/338a74dfa42a7b19d39adecacfa5f626a050e807
6
reference_url https://github.com/apache/activemq/commit/b8fc78ec6c367cbe2a40a674eaec64ac3d7d1ec
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/b8fc78ec6c367cbe2a40a674eaec64ac3d7d1ec
7
reference_url https://issues.apache.org/jira/browse/AMQ-6470
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-6470
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7559
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7559
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1293972
reference_id 1293972
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1293972
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860866
reference_id 860866
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860866
11
reference_url https://github.com/advisories/GHSA-jvpp-hxjj-5ccc
reference_id GHSA-jvpp-hxjj-5ccc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jvpp-hxjj-5ccc
12
reference_url https://usn.ubuntu.com/6910-1/
reference_id USN-6910-1
reference_type
scores
url https://usn.ubuntu.com/6910-1/
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-client@5.14.5
purl pkg:maven/org.apache.activemq/activemq-client@5.14.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-9z4y-wq57-vyaf
2
vulnerability VCID-f5x2-zvxa-yba5
3
vulnerability VCID-q6zs-spcv-v7ey
4
vulnerability VCID-xttf-9hx8-fbdb
5
vulnerability VCID-y7sj-71h1-3qhr
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.14.5
1
url pkg:maven/org.apache.activemq/activemq-client@5.15.5
purl pkg:maven/org.apache.activemq/activemq-client@5.15.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-37ws-cqf7-4udm
1
vulnerability VCID-9z4y-wq57-vyaf
2
vulnerability VCID-f5x2-zvxa-yba5
3
vulnerability VCID-q6zs-spcv-v7ey
4
vulnerability VCID-xttf-9hx8-fbdb
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.15.5
aliases CVE-2015-7559, GHSA-jvpp-hxjj-5ccc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y7sj-71h1-3qhr
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-client@5.12.0