Package Instance

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/994d9b26

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/994d9b26

reference_url

https://github.com/apache/activemq/commit/f8b3de86d8154db5680433e46734b2bd9ced852b

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/f8b3de86d8154db5680433e46734b2bd9ced852b

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E

reference_url

https://web.archive.org/web/20161110092459/http://secunia.com/advisories/62649

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20161110092459/http://secunia.com/advisories/62649

reference_url

https://web.archive.org/web/20200228044455/http://www.securityfocus.com/bid/72511

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200228044455/http://www.securityfocus.com/bid/72511

reference_url	http://www.securityfocus.com/bid/72511
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/72511

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-8110

reference_id

CVE-2014-8110

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2014-8110

reference_url

http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt

reference_id

CVE-2014-8110-ANNOUNCEMENT.TXT

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/security-advisories.data/CVE-2014-8110-announcement.txt

reference_url

https://github.com/advisories/GHSA-9cvr-8xq4-2m73

reference_id

GHSA-9cvr-8xq4-2m73

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9cvr-8xq4-2m73

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2014-8110, GHSA-9cvr-8xq4-2m73

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3222-6uvd-7be5

url VCID-4up3-b171-g7aj

vulnerability_id VCID-4up3-b171-g7aj

summary

Apache ActiveMQ default configuration subject to denial of service
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.

references

reference_url	http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html
reference_id
reference_type
scores
url	http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html

reference_url

http://activemq.apache.org/activemq-580-release.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/activemq-580-release.html

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2012-6551

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6551.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6551.json

reference_url

reference_id

reference_type

scores

value	0.08363
scoring_system	epss
scoring_elements	0.92311
published_at	2026-04-18T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.92265
published_at	2026-04-01T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.92271
published_at	2026-04-02T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.92277
published_at	2026-04-04T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.9228
published_at	2026-04-07T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.92291
published_at	2026-04-08T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.92295
published_at	2026-04-09T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.92301
published_at	2026-04-11T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.92302
published_at	2026-04-12T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.923
published_at	2026-04-13T12:55:00Z

value	0.08363
scoring_system	epss
scoring_elements	0.92312
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-6551

reference_url	https://fisheye6.atlassian.com/changelog/activemq?cs=1404998
reference_id
reference_type
scores
url	https://fisheye6.atlassian.com/changelog/activemq?cs=1404998

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/22bc55b9487df98a3c3cb04f99f4618fcba364fe

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/22bc55b9487df98a3c3cb04f99f4618fcba364fe

reference_url

https://github.com/apache/activemq/commit/437ea2f6e58d18837ae0e68dcd2fdadc1fff3723

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/437ea2f6e58d18837ae0e68dcd2fdadc1fff3723

reference_url

https://github.com/apache/activemq/commit/ced33d2551a040813cb40bd6d36fdd322034fa73

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/ced33d2551a040813cb40bd6d36fdd322034fa73

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-6551

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-6551

reference_url

https://web.archive.org/web/20130916074709/http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20130916074709/http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html

reference_url

https://web.archive.org/web/20200228042520/http://www.securityfocus.com/bid/59401

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200228042520/http://www.securityfocus.com/bid/59401

reference_url	http://www.securityfocus.com/bid/59401
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59401

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=955907
reference_id	955907
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=955907

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::
reference_id	cpe:2.3:a:apache:activemq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:m4::::::
reference_id	cpe:2.3:a:apache:activemq:4.0:m4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:m4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:rc2::::::
reference_id	cpe:2.3:a:apache:activemq:4.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*

reference_url

https://github.com/advisories/GHSA-34fp-xvxp-rg22

reference_id

GHSA-34fp-xvxp-rg22

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-34fp-xvxp-rg22

reference_url	https://access.redhat.com/errata/RHSA-2013:1029
reference_id	RHSA-2013:1029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1029

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2012-6551, GHSA-34fp-xvxp-rg22

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4up3-b171-g7aj

url VCID-99na-8tpm-syh1

vulnerability_id VCID-99na-8tpm-syh1

summary The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element.

references

reference_url

https://access.redhat.com/errata/RHSA-2016:1424

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2016:1424

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0734.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0734.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-0734

reference_id

reference_type

scores

value	0.02975
scoring_system	epss
scoring_elements	0.86527
published_at	2026-04-21T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86449
published_at	2026-04-01T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86459
published_at	2026-04-02T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86478
published_at	2026-04-04T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86477
published_at	2026-04-07T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86497
published_at	2026-04-08T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86507
published_at	2026-04-09T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86522
published_at	2026-04-11T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86519
published_at	2026-04-12T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86513
published_at	2026-04-13T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86528
published_at	2026-04-16T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86534
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0734

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/028a33ea7d73fabe6161defffdbfc85578328a68

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/028a33ea7d73fabe6161defffdbfc85578328a68

reference_url

https://github.com/apache/activemq/commit/24ad36778534c5ac888f880837075449169578ad

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/24ad36778534c5ac888f880837075449169578ad

reference_url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_url	https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E

reference_url

http://www.openwall.com/lists/oss-security/2016/03/10/11

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2016/03/10/11

reference_url	http://www.securityfocus.com/bid/84321
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84321

reference_url	http://www.securitytracker.com/id/1035327
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035327

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1317520
reference_id	1317520
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1317520

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.10.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.10.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.11.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.11.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.11.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.11.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.12.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.12.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.12.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.13.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.13.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.13.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0734

reference_id

CVE-2016-0734

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0734

reference_url

http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt

reference_id

CVE-2016-0734-ANNOUNCEMENT.TXT

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt

reference_url

https://github.com/advisories/GHSA-w525-w93j-rxgm

reference_id

GHSA-w525-w93j-rxgm

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-w525-w93j-rxgm

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2016-0734, GHSA-w525-w93j-rxgm

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-99na-8tpm-syh1

url VCID-a7j9-mzvg-cycr

vulnerability_id VCID-a7j9-mzvg-cycr

summary Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ before 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerability than CVE-2012-6092.

references

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1880

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1880.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1880.json

reference_url

reference_id

reference_type

scores

value	0.01367
scoring_system	epss
scoring_elements	0.8023
published_at	2026-04-21T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80188
published_at	2026-04-08T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80196
published_at	2026-04-09T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80216
published_at	2026-04-11T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80202
published_at	2026-04-12T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80197
published_at	2026-04-13T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80226
published_at	2026-04-16T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80227
published_at	2026-04-18T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80145
published_at	2026-04-01T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80152
published_at	2026-04-02T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.80172
published_at	2026-04-04T12:55:00Z

value	0.01367
scoring_system	epss
scoring_elements	0.8016
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1880

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=924447

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=924447

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/fafd12dfd4f71336f8e32c090d40ed1445959b40

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/fafd12dfd4f71336f8e32c090d40ed1445959b40

reference_url

https://issues.apache.org/jira/browse/AMQ-4398

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/AMQ-4398

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-1880

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-1880

reference_url

http://www.securityfocus.com/bid/65615

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/65615

reference_url

https://github.com/advisories/GHSA-c9gx-27hq-wcvj

reference_id

GHSA-c9gx-27hq-wcvj

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-c9gx-27hq-wcvj

reference_url	https://access.redhat.com/errata/RHSA-2013:1029
reference_id	RHSA-2013:1029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1029

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2013-1880, GHSA-c9gx-27hq-wcvj

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7j9-mzvg-cycr

url VCID-anw6-f8f2-q3hx

vulnerability_id VCID-anw6-f8f2-q3hx

summary Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.

references

reference_url

http://activemq.apache.org/activemq-580-release.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/activemq-580-release.html

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2012-6092

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6092.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6092.json

reference_url

reference_id

reference_type

scores

value	0.02575
scoring_system	epss
scoring_elements	0.85576
published_at	2026-04-21T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85509
published_at	2026-04-04T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85514
published_at	2026-04-07T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85534
published_at	2026-04-08T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85543
published_at	2026-04-09T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85557
published_at	2026-04-11T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85555
published_at	2026-04-12T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85551
published_at	2026-04-13T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85574
published_at	2026-04-16T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85579
published_at	2026-04-18T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85481
published_at	2026-04-01T12:55:00Z

value	0.02575
scoring_system	epss
scoring_elements	0.85493
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-6092

reference_url

https://fisheye6.atlassian.com/changelog/activemq?cs=1399577

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://fisheye6.atlassian.com/changelog/activemq?cs=1399577

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/51eb87a84be88d28383ea48f6e341ffe1203c5ba

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/51eb87a84be88d28383ea48f6e341ffe1203c5ba

reference_url

https://issues.apache.org/jira/browse/AMQ-4115

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/AMQ-4115

reference_url

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282

reference_url

http://www.securityfocus.com/bid/59400

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/59400

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=955906
reference_id	955906
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=955906

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::
reference_id	cpe:2.3:a:apache:activemq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:m4::::::
reference_id	cpe:2.3:a:apache:activemq:4.0:m4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:m4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:rc2::::::
reference_id	cpe:2.3:a:apache:activemq:4.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-6092

reference_id

CVE-2012-6092

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-6092

reference_url

https://github.com/advisories/GHSA-rp9p-863f-9c4h

reference_id

GHSA-rp9p-863f-9c4h

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-rp9p-863f-9c4h

reference_url	https://access.redhat.com/errata/RHSA-2013:1029
reference_id	RHSA-2013:1029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1029

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2012-6092, GHSA-rp9p-863f-9c4h

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anw6-f8f2-q3hx

url VCID-pe37-xakm-3qb4

vulnerability_id VCID-pe37-xakm-3qb4

summary

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html "A remote client could create a javax.management.loading.MLet MBean and use it to create new MBeans from arbitrary URLs, at least if there is no security manager. In other words, a rogue remote client could make your Java application execute arbitrary code." Mitigation: Upgrade to Apache ActiveMQ 5.15.13

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-11998

reference_id

reference_type

scores

value	0.06913
scoring_system	epss
scoring_elements	0.91424
published_at	2026-04-18T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91428
published_at	2026-04-16T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91403
published_at	2026-04-13T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91404
published_at	2026-04-12T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91401
published_at	2026-04-11T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91395
published_at	2026-04-09T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91388
published_at	2026-04-08T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91376
published_at	2026-04-07T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91353
published_at	2026-04-01T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91368
published_at	2026-04-04T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91358
published_at	2026-04-02T12:55:00Z

value	0.06913
scoring_system	epss
scoring_elements	0.91425
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-11998

reference_url

https://github.com/apache/activemq/commit/0d6e5f2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/0d6e5f2

reference_url

https://github.com/apache/activemq/commit/88b78d0

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/88b78d0

reference_url

https://github.com/apache/activemq/commit/aa8900c

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/aa8900c

reference_url

https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d@%3Ccommits.activemq.apache.org%3E

reference_url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuApr2021.html

reference_url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2021.html

reference_url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com//security-alerts/cpujul2021.html

reference_url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuoct2021.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-11998

reference_id

CVE-2020-11998

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-11998

reference_url

http://activemq.apache.org/security-advisories.data/CVE-2020-11998-announcement.txt

reference_id

CVE-2020-11998-ANNOUNCEMENT.TXT

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/security-advisories.data/CVE-2020-11998-announcement.txt

reference_url

https://github.com/advisories/GHSA-wqfh-9m4g-7x6x

reference_id

GHSA-wqfh-9m4g-7x6x

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wqfh-9m4g-7x6x

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2020-11998, GHSA-wqfh-9m4g-7x6x

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pe37-xakm-3qb4

url VCID-rsxq-hkds-vueh

vulnerability_id VCID-rsxq-hkds-vueh

summary

Improper Authentication in Apache ActiveMQ
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.

references

reference_url

http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.2283324.n4.nabble.com/DISCUSS-ActiveMQ-out-of-the-box-Should-not-include-the-demos-tc4658044.html

reference_url

http://activemq.apache.org/activemq-580-release.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/activemq-580-release.html

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1221.html

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1221.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3060.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3060.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3060

reference_id

reference_type

scores

value	0.01019
scoring_system	epss
scoring_elements	0.77219
published_at	2026-04-13T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77223
published_at	2026-04-12T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77244
published_at	2026-04-11T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77207
published_at	2026-04-08T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77252
published_at	2026-04-21T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.7726
published_at	2026-04-18T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77259
published_at	2026-04-16T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77193
published_at	2026-04-04T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77175
published_at	2026-04-07T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77157
published_at	2026-04-01T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77216
published_at	2026-04-09T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77164
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3060

reference_url

https://fisheye6.atlassian.com/changelog/activemq?cs=1404998

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://fisheye6.atlassian.com/changelog/activemq?cs=1404998

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/22bc55b9487df98a3c3cb04f99f4618fcba364fe

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/22bc55b9487df98a3c3cb04f99f4618fcba364fe

reference_url

https://github.com/apache/activemq/commit/437ea2f6e58d18837ae0e68dcd2fdadc1fff3723

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/437ea2f6e58d18837ae0e68dcd2fdadc1fff3723

reference_url

https://github.com/apache/activemq/commit/ced33d2551a040813cb40bd6d36fdd322034fa73

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/ced33d2551a040813cb40bd6d36fdd322034fa73

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311210&version=12323282

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-3060

reference_id

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-3060

reference_url	http://www.securityfocus.com/bid/59402
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/59402

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=955908
reference_id	955908
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=955908

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::
reference_id	cpe:2.3:a:apache:activemq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:m4::::::
reference_id	cpe:2.3:a:apache:activemq:4.0:m4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:m4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:rc2::::::
reference_id	cpe:2.3:a:apache:activemq:4.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:4.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:4.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*

reference_url

https://github.com/advisories/GHSA-p358-58jj-hp65

reference_id

GHSA-p358-58jj-hp65

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-p358-58jj-hp65

reference_url	https://access.redhat.com/errata/RHSA-2013:1029
reference_id	RHSA-2013:1029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1029

reference_url	https://access.redhat.com/errata/RHSA-2013:1221
reference_id	RHSA-2013:1221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1221

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2013-3060, GHSA-p358-58jj-hp65

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsxq-hkds-vueh

url VCID-tyaw-6dpw-mudm

vulnerability_id VCID-tyaw-6dpw-mudm

summary

Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT vulnerable to Integer Overflow or Wraparound
Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT.

The fix for "CVE-2025-66168: MQTT control packet remaining length field is not properly validated" was only applied to 5.19.2 (and future 5.19.x) releases but was missed for all 6.0.0+ versions. This issue affects Apache ActiveMQ: from 6.0.0 before 6.2.4; Apache ActiveMQ All: from 6.0.0 before 6.2.4; Apache ActiveMQ MQTT: from 6.0.0 before 6.2.4.

Users are recommended to upgrade to version 6.2.4 or a 5.19.x version starting with 5.19.2 or later (currently latest is 5.19.5), which fixes the issue.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40046.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40046.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-40046

reference_id

reference_type

scores

value	0.00038
scoring_system	epss
scoring_elements	0.11399
published_at	2026-04-11T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11336
published_at	2026-04-13T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11365
published_at	2026-04-12T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15298
published_at	2026-04-21T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15243
published_at	2026-04-16T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15247
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-40046

reference_url

https://lists.apache.org/thread/zdntj5rcgjjzrpow84o339lzldy68zrg

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T19:39:38Z/

url

https://lists.apache.org/thread/zdntj5rcgjjzrpow84o339lzldy68zrg

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-40046

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-40046

reference_url

https://www.cve.org/CVERecord?id=CVE-2025-66168

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T19:39:38Z/

url

https://www.cve.org/CVERecord?id=CVE-2025-66168

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2456950
reference_id	2456950
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2456950

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt

reference_id

CVE-2026-40046-announcement.txt

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T19:39:38Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt

reference_url

https://github.com/advisories/GHSA-xvqc-pp94-fmpx

reference_id

GHSA-xvqc-pp94-fmpx

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xvqc-pp94-fmpx

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2026-40046, GHSA-xvqc-pp94-fmpx

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tyaw-6dpw-mudm

url VCID-uc2f-713u-skcc

vulnerability_id VCID-uc2f-713u-skcc

summary Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."

references

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1879

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1879.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1879.json

reference_url

reference_id

reference_type

scores

value	0.05475
scoring_system	epss
scoring_elements	0.90216
published_at	2026-04-21T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.9016
published_at	2026-04-02T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.90172
published_at	2026-04-04T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.90178
published_at	2026-04-07T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.90194
published_at	2026-04-08T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.90199
published_at	2026-04-09T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.90208
published_at	2026-04-11T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.90207
published_at	2026-04-12T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.90202
published_at	2026-04-13T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.9022
published_at	2026-04-18T12:55:00Z

value	0.05475
scoring_system	epss
scoring_elements	0.90158
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1879

reference_url

http://secunia.com/advisories/54073

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://secunia.com/advisories/54073

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/85586

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/85586

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/148ca81dcd8f14cfe2ff37012fd1aa42518f02dc

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/148ca81dcd8f14cfe2ff37012fd1aa42518f02dc

reference_url

https://issues.apache.org/jira/browse/AMQ-4397

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/AMQ-4397

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-1879

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-1879

reference_url

http://www.securityfocus.com/bid/61142

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/61142

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=924446
reference_id	924446
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=924446

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::
reference_id	cpe:2.3:a:apache:activemq::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:::::::*
reference_id	cpe:2.3:a:apache:activemq:5.7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:::::::*

reference_url

https://github.com/advisories/GHSA-mfhr-3xmc-r2gg

reference_id

GHSA-mfhr-3xmc-r2gg

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mfhr-3xmc-r2gg

reference_url	https://access.redhat.com/errata/RHSA-2013:1029
reference_id	RHSA-2013:1029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1029

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2013-1879, GHSA-mfhr-3xmc-r2gg

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uc2f-713u-skcc

url VCID-vbqu-ak2c-gqez

vulnerability_id VCID-vbqu-ak2c-gqez

summary Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors.

references

reference_url

http://packetstormsecurity.com/files/156643/Apache-ActiveMQ-5.11.1-Directory-Traversal-Shell-Upload.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://packetstormsecurity.com/files/156643/Apache-ActiveMQ-5.11.1-Directory-Traversal-Shell-Upload.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-1830

reference_id

reference_type

scores

value	0.86019
scoring_system	epss
scoring_elements	0.99396
published_at	2026-04-16T12:55:00Z

value	0.86019
scoring_system	epss
scoring_elements	0.99394
published_at	2026-04-18T12:55:00Z

value	0.86019
scoring_system	epss
scoring_elements	0.99393
published_at	2026-04-11T12:55:00Z

value	0.86019
scoring_system	epss
scoring_elements	0.99392
published_at	2026-04-09T12:55:00Z

value	0.86019
scoring_system	epss
scoring_elements	0.99391
published_at	2026-04-08T12:55:00Z

value	0.86019
scoring_system	epss
scoring_elements	0.9939
published_at	2026-04-07T12:55:00Z

value	0.86019
scoring_system	epss
scoring_elements	0.99388
published_at	2026-04-04T12:55:00Z

value	0.86019
scoring_system	epss
scoring_elements	0.99387
published_at	2026-04-02T12:55:00Z

value	0.86019
scoring_system	epss
scoring_elements	0.99395
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-1830

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/729c4731574ffffaf58ebefdbaeb3bd19ed1c7b7

reference_url

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/729c4731574ffffaf58ebefdbaeb3bd19ed1c7b7

reference_url

https://github.com/apache/activemq/commit/9fd5cb7dfe0fcc431f99d5e14206e0090e72f36b

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/activemq/commit/9fd5cb7dfe0fcc431f99d5e14206e0090e72f36b

reference_url

https://issues.apache.org/jira/browse/AMQ-5754

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/AMQ-5754

reference_url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E

reference_url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E

reference_url

http://www.securityfocus.com/bid/76452

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/76452

reference_url

http://www.securitytracker.com/id/1033315

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securitytracker.com/id/1033315

reference_url

http://www.zerodayinitiative.com/advisories/ZDI-15-407

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.zerodayinitiative.com/advisories/ZDI-15-407

reference_url	http://www.zerodayinitiative.com/advisories/ZDI-15-407/
reference_id
reference_type
scores
url	http://www.zerodayinitiative.com/advisories/ZDI-15-407/

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/48181.rb
reference_id	CVE-2015-1830
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/48181.rb

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-1830

reference_id

CVE-2015-1830

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2015-1830

reference_url	https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/apache_activemq_traversal_upload.rb
reference_id	CVE-2015-1830
reference_type	exploit
scores
url	https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/http/apache_activemq_traversal_upload.rb

reference_url

http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt

reference_id

CVE-2015-1830-ANNOUNCEMENT.TXT

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt

reference_url	http://davidjorm.blogspot.fr/2015/08/directory-traversal-leading-to-rce-when.html
reference_id	CVE-2016-3088;CVE-2015-1830
reference_type	exploit
scores
url	http://davidjorm.blogspot.fr/2015/08/directory-traversal-leading-to-rce-when.html

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/40857.txt
reference_id	CVE-2016-3088;CVE-2015-1830
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/40857.txt

reference_url

https://github.com/advisories/GHSA-3v63-f83x-37x4

reference_id

GHSA-3v63-f83x-37x4

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-3v63-f83x-37x4

fixed_packages

url	pkg:deb/debian/activemq@0?distro=trixie
purl	pkg:deb/debian/activemq@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@0%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl	pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie

url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-q6zs-spcv-v7ey

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie

aliases CVE-2015-1830, GHSA-3v63-f83x-37x4

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbqu-ak2c-gqez

url VCID-wema-7dnk-bkhy

vulnerability_id VCID-wema-7dnk-bkhy

summary

Apache ActiveMQ's default configuration doesn't secure the API web context
In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker (using Jolokia JMX REST API) and/or produce/consume messages or purge/delete destinations (using the Message REST API).

To mitigate, users can update the default conf/jetty.xml configuration file to add authentication requirement:
<bean id="securityConstraintMapping" class="org.eclipse.jetty.security.ConstraintMapping">
  <property name="constraint" ref="securityConstraint" />
  <property name="pathSpec" value="/" />
</bean>

Or we encourage users to upgrade to Apache ActiveMQ 6.1.2 where the default configuration has been updated with authentication by default.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32114.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32114.json

reference_url

https://activemq.apache.org/security-advisories.data/CVE-2024-32114-announcement.txt

reference_id

reference_type

scores

value	8.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-02T17:11:27Z/

url

https://activemq.apache.org/security-advisories.data/CVE-2024-32114-announcement.txt

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-32114

reference_id

reference_type

scores

value	0.01541
scoring_system	epss
scoring_elements	0.81409
published_at	2026-04-21T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.8377
published_at	2026-04-09T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.83764
published_at	2026-04-08T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.8374
published_at	2026-04-07T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.83737
published_at	2026-04-04T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.83786
published_at	2026-04-11T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.83811
published_at	2026-04-18T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.8381
published_at	2026-04-16T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.83776
published_at	2026-04-13T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.8378
published_at	2026-04-12T12:55:00Z

value	0.02024
scoring_system	epss
scoring_elements	0.83723
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-32114

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url