Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/activemq@5.6.0%2Bdfsg1-4?distro=trixie
Typedeb
Namespacedebian
Nameactivemq
Version5.6.0+dfsg1-4
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version5.6.0+dfsg1-4+deb8u1
Latest_non_vulnerable_version5.17.6+dfsg-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4x3q-h212-duaz
vulnerability_id VCID-4x3q-h212-duaz
summary XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3600.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3600.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3600
reference_id
reference_type
scores
0
value 0.00511
scoring_system epss
scoring_elements 0.66503
published_at 2026-04-24T12:55:00Z
1
value 0.00511
scoring_system epss
scoring_elements 0.66368
published_at 2026-04-01T12:55:00Z
2
value 0.00511
scoring_system epss
scoring_elements 0.66406
published_at 2026-04-02T12:55:00Z
3
value 0.00511
scoring_system epss
scoring_elements 0.66433
published_at 2026-04-04T12:55:00Z
4
value 0.00511
scoring_system epss
scoring_elements 0.66403
published_at 2026-04-07T12:55:00Z
5
value 0.00511
scoring_system epss
scoring_elements 0.66452
published_at 2026-04-08T12:55:00Z
6
value 0.00511
scoring_system epss
scoring_elements 0.66465
published_at 2026-04-09T12:55:00Z
7
value 0.00511
scoring_system epss
scoring_elements 0.66485
published_at 2026-04-11T12:55:00Z
8
value 0.00511
scoring_system epss
scoring_elements 0.66473
published_at 2026-04-12T12:55:00Z
9
value 0.00511
scoring_system epss
scoring_elements 0.66442
published_at 2026-04-13T12:55:00Z
10
value 0.00511
scoring_system epss
scoring_elements 0.66477
published_at 2026-04-16T12:55:00Z
11
value 0.00511
scoring_system epss
scoring_elements 0.66494
published_at 2026-04-18T12:55:00Z
12
value 0.00511
scoring_system epss
scoring_elements 0.66479
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3600
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3600
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3600
3
reference_url http://seclists.org/oss-sec/2015/q1/427
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2015/q1/427
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/100722
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/100722
5
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
6
reference_url https://github.com/apache/activemq/commit/3e5ac6326db59f524a0e71f6b717428607d7b67d
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/3e5ac6326db59f524a0e71f6b717428607d7b67d
7
reference_url https://github.com/apache/activemq/commit/b9696ac80bb496b52d05c3884f81b0746d9af9e2
reference_id
reference_type
scores
url https://github.com/apache/activemq/commit/b9696ac80bb496b52d05c3884f81b0746d9af9e2
8
reference_url https://issues.apache.org/jira/browse/AMQ-5333
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-5333
9
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
11
reference_url http://www.securityfocus.com/bid/72510
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/72510
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1133649
reference_id 1133649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1133649
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777196
reference_id 777196
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777196
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.0.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.1.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.2.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.3.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.2:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.4.3:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.5.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.6.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.7.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.8.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:activemq:5.9.1:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3600
reference_id CVE-2014-3600
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3600
33
reference_url http://activemq.apache.org/security-advisories.data/CVE-2014-3600-announcement.txt
reference_id CVE-2014-3600-ANNOUNCEMENT.TXT
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2014-3600-announcement.txt
34
reference_url https://github.com/advisories/GHSA-4vhf-2hv7-8mrx
reference_id GHSA-4vhf-2hv7-8mrx
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4vhf-2hv7-8mrx
35
reference_url https://access.redhat.com/errata/RHSA-2015:0137
reference_id RHSA-2015:0137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0137
36
reference_url https://access.redhat.com/errata/RHSA-2015:0138
reference_id RHSA-2015:0138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0138
fixed_packages
0
url pkg:deb/debian/activemq@5.6.0%2Bdfsg1-4?distro=trixie
purl pkg:deb/debian/activemq@5.6.0%2Bdfsg1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.6.0%252Bdfsg1-4%3Fdistro=trixie
1
url pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie
2
url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2014-3600, GHSA-4vhf-2hv7-8mrx
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4x3q-h212-duaz
1
url VCID-gxt8-xcsg-3kes
vulnerability_id VCID-gxt8-xcsg-3kes
summary The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6524 for the use of wildcard operators in usernames.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-0137.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0137.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-0138.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0138.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3612.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3612.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3612
reference_id
reference_type
scores
0
value 0.00705
scoring_system epss
scoring_elements 0.7217
published_at 2026-04-24T12:55:00Z
1
value 0.00705
scoring_system epss
scoring_elements 0.72051
published_at 2026-04-07T12:55:00Z
2
value 0.00705
scoring_system epss
scoring_elements 0.72088
published_at 2026-04-08T12:55:00Z
3
value 0.00705
scoring_system epss
scoring_elements 0.721
published_at 2026-04-09T12:55:00Z
4
value 0.00705
scoring_system epss
scoring_elements 0.72122
published_at 2026-04-11T12:55:00Z
5
value 0.00705
scoring_system epss
scoring_elements 0.72107
published_at 2026-04-12T12:55:00Z
6
value 0.00705
scoring_system epss
scoring_elements 0.72093
published_at 2026-04-13T12:55:00Z
7
value 0.00705
scoring_system epss
scoring_elements 0.72133
published_at 2026-04-16T12:55:00Z
8
value 0.00705
scoring_system epss
scoring_elements 0.72141
published_at 2026-04-18T12:55:00Z
9
value 0.00705
scoring_system epss
scoring_elements 0.72127
published_at 2026-04-21T12:55:00Z
10
value 0.00705
scoring_system epss
scoring_elements 0.72048
published_at 2026-04-01T12:55:00Z
11
value 0.00705
scoring_system epss
scoring_elements 0.72054
published_at 2026-04-02T12:55:00Z
12
value 0.00705
scoring_system epss
scoring_elements 0.72075
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3612
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3612
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3612
5
reference_url http://seclists.org/oss-sec/2015/q1/427
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2015/q1/427
6
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
7
reference_url https://github.com/apache/activemq/commit/0b5231ada5ce365b41832ba8752ee210145d1cbe
reference_id
reference_type
scores
url https://github.com/apache/activemq/commit/0b5231ada5ce365b41832ba8752ee210145d1cbe
8
reference_url https://github.com/apache/activemq/commit/22f2f3dde757d31307da772d579815c1d169bc39
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/22f2f3dde757d31307da772d579815c1d169bc39
9
reference_url https://issues.apache.org/jira/browse/AMQ-5345
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-5345
10
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E
12
reference_url http://www.securityfocus.com/bid/72513
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/72513
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1135912
reference_id 1135912
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1135912
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777196
reference_id 777196
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777196
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3612
reference_id CVE-2014-3612
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3612
16
reference_url http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
reference_id CVE-2014-3612-ANNOUNCEMENT.TXT
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
17
reference_url https://github.com/advisories/GHSA-72m6-23ff-7q26
reference_id GHSA-72m6-23ff-7q26
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-72m6-23ff-7q26
18
reference_url https://access.redhat.com/errata/RHSA-2015:0137
reference_id RHSA-2015:0137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0137
19
reference_url https://access.redhat.com/errata/RHSA-2015:0138
reference_id RHSA-2015:0138
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0138
fixed_packages
0
url pkg:deb/debian/activemq@5.6.0%2Bdfsg1-4?distro=trixie
purl pkg:deb/debian/activemq@5.6.0%2Bdfsg1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.6.0%252Bdfsg1-4%3Fdistro=trixie
1
url pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie
2
url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2014-3612, GHSA-72m6-23ff-7q26
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxt8-xcsg-3kes
2
url VCID-rkj1-fqpn-cyfk
vulnerability_id VCID-rkj1-fqpn-cyfk
summary The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-3612 per ADT2 due to different vulnerability types.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168094.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168094.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168651.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168651.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6524.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6524.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6524
reference_id
reference_type
scores
0
value 0.01167
scoring_system epss
scoring_elements 0.78695
published_at 2026-04-24T12:55:00Z
1
value 0.01167
scoring_system epss
scoring_elements 0.78641
published_at 2026-04-13T12:55:00Z
2
value 0.01167
scoring_system epss
scoring_elements 0.7867
published_at 2026-04-16T12:55:00Z
3
value 0.01167
scoring_system epss
scoring_elements 0.78668
published_at 2026-04-18T12:55:00Z
4
value 0.01167
scoring_system epss
scoring_elements 0.78665
published_at 2026-04-21T12:55:00Z
5
value 0.01167
scoring_system epss
scoring_elements 0.78591
published_at 2026-04-01T12:55:00Z
6
value 0.01167
scoring_system epss
scoring_elements 0.78598
published_at 2026-04-02T12:55:00Z
7
value 0.01167
scoring_system epss
scoring_elements 0.78629
published_at 2026-04-04T12:55:00Z
8
value 0.01167
scoring_system epss
scoring_elements 0.7861
published_at 2026-04-07T12:55:00Z
9
value 0.01167
scoring_system epss
scoring_elements 0.78635
published_at 2026-04-08T12:55:00Z
10
value 0.01167
scoring_system epss
scoring_elements 0.78642
published_at 2026-04-09T12:55:00Z
11
value 0.01167
scoring_system epss
scoring_elements 0.78667
published_at 2026-04-11T12:55:00Z
12
value 0.01167
scoring_system epss
scoring_elements 0.78648
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6524
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6524
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6524
5
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
6
reference_url https://github.com/apache/activemq/commit/0b5231ada5ce365b41832ba8752ee210145d1cbe
reference_id
reference_type
scores
url https://github.com/apache/activemq/commit/0b5231ada5ce365b41832ba8752ee210145d1cbe
7
reference_url https://github.com/apache/activemq/commit/22f2f3dde757d31307da772d579815c1d169bc39
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/22f2f3dde757d31307da772d579815c1d169bc39
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1257246
reference_id 1257246
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1257246
9
reference_url http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
reference_id CVE-2014-3612-ANNOUNCEMENT.TXT
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-6524
reference_id CVE-2015-6524
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-6524
11
reference_url https://github.com/advisories/GHSA-23cr-5hr4-rgwv
reference_id GHSA-23cr-5hr4-rgwv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-23cr-5hr4-rgwv
fixed_packages
0
url pkg:deb/debian/activemq@5.6.0%2Bdfsg1-4?distro=trixie
purl pkg:deb/debian/activemq@5.6.0%2Bdfsg1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.6.0%252Bdfsg1-4%3Fdistro=trixie
1
url pkg:deb/debian/activemq@5.16.1-1?distro=trixie
purl pkg:deb/debian/activemq@5.16.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.16.1-1%3Fdistro=trixie
2
url pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/activemq@5.17.2%2Bdfsg-2%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-q6zs-spcv-v7ey
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.2%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/activemq@5.17.6%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.17.6%252Bdfsg-2%3Fdistro=trixie
aliases CVE-2015-6524, GHSA-23cr-5hr4-rgwv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkj1-fqpn-cyfk
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/activemq@5.6.0%252Bdfsg1-4%3Fdistro=trixie