Search for packages
| purl | pkg:maven/org.apache.activemq/activemq-jaas@5.10.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-37ws-cqf7-4udm
Aliases: CVE-2020-13947 GHSA-66gw-ch5v-74v8 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-f5x2-zvxa-yba5
Aliases: CVE-2023-46604 GHSA-crg9-44h2-xw35 |
False positive This advisory has been marked as a false positive. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-k4jb-36cp-1fc4
Aliases: CVE-2022-41678 GHSA-53v4-42fg-g287 |
False positive This advisory has been marked as a false positive. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-rkj1-fqpn-cyfk
Aliases: CVE-2015-6524 GHSA-23cr-5hr4-rgwv |
The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-3612 per ADT2 due to different vulnerability types. |
Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-gxt8-xcsg-3kes | The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6524 for the use of wildcard operators in usernames. |
CVE-2014-3612
GHSA-72m6-23ff-7q26 |