Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/org.apache.activemq/activemq-parent@5.15.3
purl pkg:maven/org.apache.activemq/activemq-parent@5.15.3
Next non-vulnerable version 5.15.13
Latest non-vulnerable version 5.16.1
Risk 3.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-a3nb-p5p6-zbf7
Aliases:
CVE-2020-13920
GHSA-xgrx-xpv2-6vp4
Missing Authentication for Critical Function Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to proxy the original, and bound that, he effectively becomes a man in the middle and is able to intercept the credentials when an user connects. Upgrade to Apache ActiveMQ 5.15.12.
5.15.12
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-5kmj-whmc-4bfa When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text. CVE-2017-15709
GHSA-7qm4-p377-fr2r

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:47:31.754557+00:00 GitLab Importer Fixing VCID-5kmj-whmc-4bfa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.activemq/activemq-parent/CVE-2017-15709.yml 38.4.0
2026-04-16T21:38:53.299398+00:00 GitLab Importer Affected by VCID-a3nb-p5p6-zbf7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.activemq/activemq-parent/CVE-2020-13920.yml 38.4.0
2026-04-11T23:03:22.123442+00:00 GitLab Importer Fixing VCID-5kmj-whmc-4bfa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.activemq/activemq-parent/CVE-2017-15709.yml 38.3.0
2026-04-11T22:54:01.329819+00:00 GitLab Importer Affected by VCID-a3nb-p5p6-zbf7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.activemq/activemq-parent/CVE-2020-13920.yml 38.3.0
2026-04-02T23:11:44.712421+00:00 GitLab Importer Fixing VCID-5kmj-whmc-4bfa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.activemq/activemq-parent/CVE-2017-15709.yml 38.1.0
2026-04-02T23:03:14.162812+00:00 GitLab Importer Affected by VCID-a3nb-p5p6-zbf7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.activemq/activemq-parent/CVE-2020-13920.yml 38.1.0
2026-04-01T17:22:08.745341+00:00 GitLab Importer Affected by VCID-a3nb-p5p6-zbf7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.activemq/activemq-parent/CVE-2020-13920.yml 38.0.0
2026-04-01T16:01:01.239597+00:00 GHSA Importer Fixing VCID-5kmj-whmc-4bfa https://github.com/advisories/GHSA-7qm4-p377-fr2r 38.0.0
2026-04-01T13:09:51.558234+00:00 GithubOSV Importer Fixing VCID-5kmj-whmc-4bfa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-7qm4-p377-fr2r/GHSA-7qm4-p377-fr2r.json 38.0.0
2026-04-01T12:50:07.929732+00:00 GitLab Importer Fixing VCID-5kmj-whmc-4bfa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.activemq/activemq-parent/CVE-2017-15709.yml 38.0.0