Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.activemq/activemq-broker@5.15.3
Typemaven
Namespaceorg.apache.activemq
Nameactivemq-broker
Version5.15.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.19.6
Latest_non_vulnerable_version6.2.5
Affected_by_vulnerabilities
0
url VCID-3rq9-mjjw-17ds
vulnerability_id VCID-3rq9-mjjw-17ds
summary org.apache.activemq/activemq-broker: org.apache.activemq/activemq-all: Apache ActiveMQ: RCE via crafted discovery URI in Jolokia JMX-HTTP bridge
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34197.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34197.json
1
reference_url https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-04-17T03:55:13Z/
url https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34197
reference_id
reference_type
scores
0
value 0.84168
scoring_system epss
scoring_elements 0.99323
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34197
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34197
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34197
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34197
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34197
6
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34197
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34197
7
reference_url http://www.openwall.com/lists/oss-security/2026/04/06/3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/06/3
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id 1136024
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455869
reference_id 2455869
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455869
10
reference_url https://github.com/advisories/GHSA-rxpj-7qvf-xv32
reference_id GHSA-rxpj-7qvf-xv32
reference_type
scores
url https://github.com/advisories/GHSA-rxpj-7qvf-xv32
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.19.5
purl pkg:maven/org.apache.activemq/activemq-broker@5.19.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kdvx-ev7t-f3hw
1
vulnerability VCID-nank-qt9j-tudh
2
vulnerability VCID-rp7p-n2as-aua6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.19.5
1
url pkg:maven/org.apache.activemq/activemq-broker@6.2.3
purl pkg:maven/org.apache.activemq/activemq-broker@6.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9z3d-f57q-cqgw
1
vulnerability VCID-kdvx-ev7t-f3hw
2
vulnerability VCID-nank-qt9j-tudh
3
vulnerability VCID-rp7p-n2as-aua6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@6.2.3
aliases CVE-2026-34197, GHSA-rxpj-7qvf-xv32
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3rq9-mjjw-17ds
1
url VCID-42z8-yr2r-u3d5
vulnerability_id VCID-42z8-yr2r-u3d5
summary 
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. 

Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
references
0
reference_url http://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46604.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-46604.json
2
reference_url https://activemq.apache.org/security-advisories.data/CVE-2023-46604
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://activemq.apache.org/security-advisories.data/CVE-2023-46604
3
reference_url https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-46604
reference_id
reference_type
scores
0
value 0.94436
scoring_system epss
scoring_elements 0.99988
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-46604
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46604
6
reference_url http://seclists.org/fulldisclosure/2024/Apr/18
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url http://seclists.org/fulldisclosure/2024/Apr/18
7
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
8
reference_url https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/22442b2385b1000312aec3d19e510131d595a5fc
9
reference_url https://github.com/apache/activemq/commit/80089f9f476afab7d976f5fc37c5ab4aa0c2139d
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/80089f9f476afab7d976f5fc37c5ab4aa0c2139d
10
reference_url https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/958330df26cf3d5cdb63905dc2c6882e98781d8f
11
reference_url https://github.com/apache/activemq/commit/9905e2a5bf9862a049f94ce0a2465b0c7ad52436
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/9905e2a5bf9862a049f94ce0a2465b0c7ad52436
12
reference_url https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/d0ccdd31544ada83185554c87c7aa141064020f0
13
reference_url https://github.com/apache/activemq/pull/1098
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/pull/1098
14
reference_url https://issues.apache.org/jira/browse/AMQ-9370
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/AMQ-9370
15
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00013.html
16
reference_url https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-46604
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-46604
18
reference_url https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://packetstormsecurity.com/files/175676/Apache-ActiveMQ-Unauthenticated-Remote-Code-Execution.html
19
reference_url https://security.netapp.com/advisory/ntap-20231110-0010
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231110-0010
20
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-46604
21
reference_url https://www.openwall.com/lists/oss-security/2023/10/27/5
reference_id
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://www.openwall.com/lists/oss-security/2023/10/27/5
22
reference_url http://www.openwall.com/lists/oss-security/2023/10/27/5
reference_id
reference_type
scores
0
value 10.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H/E:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/10/27/5
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054909
reference_id 1054909
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054909
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2246645
reference_id 2246645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2246645
25
reference_url https://github.com/advisories/GHSA-crg9-44h2-xw35
reference_id GHSA-crg9-44h2-xw35
reference_type
scores
url https://github.com/advisories/GHSA-crg9-44h2-xw35
26
reference_url https://security.netapp.com/advisory/ntap-20231110-0010/
reference_id ntap-20231110-0010
reference_type
scores
0
value 10
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T15:16:07Z/
url https://security.netapp.com/advisory/ntap-20231110-0010/
27
reference_url https://access.redhat.com/errata/RHSA-2023:6849
reference_id RHSA-2023:6849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6849
28
reference_url https://access.redhat.com/errata/RHSA-2023:6866
reference_id RHSA-2023:6866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6866
29
reference_url https://access.redhat.com/errata/RHSA-2023:6877
reference_id RHSA-2023:6877
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6877
30
reference_url https://access.redhat.com/errata/RHSA-2023:6878
reference_id RHSA-2023:6878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6878
31
reference_url https://access.redhat.com/errata/RHSA-2023:6879
reference_id RHSA-2023:6879
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6879
32
reference_url https://usn.ubuntu.com/6910-1/
reference_id USN-6910-1
reference_type
scores
url https://usn.ubuntu.com/6910-1/
33
reference_url https://usn.ubuntu.com/7268-1/
reference_id USN-7268-1
reference_type
scores
url https://usn.ubuntu.com/7268-1/
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.15.16
purl pkg:maven/org.apache.activemq/activemq-broker@5.15.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-9z3d-f57q-cqgw
2
vulnerability VCID-b8pk-m428-2ffh
3
vulnerability VCID-kdvx-ev7t-f3hw
4
vulnerability VCID-nank-qt9j-tudh
5
vulnerability VCID-rp7p-n2as-aua6
6
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.15.16
1
url pkg:maven/org.apache.activemq/activemq-broker@5.16.7
purl pkg:maven/org.apache.activemq/activemq-broker@5.16.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-9z3d-f57q-cqgw
2
vulnerability VCID-kdvx-ev7t-f3hw
3
vulnerability VCID-nank-qt9j-tudh
4
vulnerability VCID-rp7p-n2as-aua6
5
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.16.7
2
url pkg:maven/org.apache.activemq/activemq-broker@5.17.6
purl pkg:maven/org.apache.activemq/activemq-broker@5.17.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-9z3d-f57q-cqgw
2
vulnerability VCID-kdvx-ev7t-f3hw
3
vulnerability VCID-nank-qt9j-tudh
4
vulnerability VCID-rp7p-n2as-aua6
5
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.17.6
3
url pkg:maven/org.apache.activemq/activemq-broker@5.18.3
purl pkg:maven/org.apache.activemq/activemq-broker@5.18.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-9z3d-f57q-cqgw
2
vulnerability VCID-kdvx-ev7t-f3hw
3
vulnerability VCID-nank-qt9j-tudh
4
vulnerability VCID-rp7p-n2as-aua6
5
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.18.3
aliases CVE-2023-46604, GHSA-crg9-44h2-xw35
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42z8-yr2r-u3d5
2
url VCID-9z3d-f57q-cqgw
vulnerability_id VCID-9z3d-f57q-cqgw
summary Apache ActiveMQ Client: Apache ActiveMQ Broker: Apache ActiveMQ: Apache ActiveMQ: Denial of Service due to TLSv1.3 KeyUpdate memory exhaustion
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39304.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-39304.json
1
reference_url https://activemq.apache.org/security-advisories.data/CVE-2026-39304-announcement.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T14:10:10Z/
url https://activemq.apache.org/security-advisories.data/CVE-2026-39304-announcement.txt
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-39304
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22937
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-39304
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39304
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39304
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-39304
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-39304
6
reference_url http://www.openwall.com/lists/oss-security/2026/04/09/17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/09/17
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id 1136024
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457275
reference_id 2457275
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457275
9
reference_url https://github.com/advisories/GHSA-5568-6qcg-g7fx
reference_id GHSA-5568-6qcg-g7fx
reference_type
scores
url https://github.com/advisories/GHSA-5568-6qcg-g7fx
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.19.4
purl pkg:maven/org.apache.activemq/activemq-broker@5.19.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-kdvx-ev7t-f3hw
2
vulnerability VCID-nank-qt9j-tudh
3
vulnerability VCID-rp7p-n2as-aua6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.19.4
1
url pkg:maven/org.apache.activemq/activemq-broker@6.2.4
purl pkg:maven/org.apache.activemq/activemq-broker@6.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-kdvx-ev7t-f3hw
1
vulnerability VCID-nank-qt9j-tudh
2
vulnerability VCID-rp7p-n2as-aua6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@6.2.4
aliases CVE-2026-39304, GHSA-5568-6qcg-g7fx
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9z3d-f57q-cqgw
3
url VCID-b8pk-m428-2ffh
vulnerability_id VCID-b8pk-m428-2ffh
summary ActiveMQ: Deserialization vulnerability on Jolokia that allows authenticated users to perform RCE
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41678.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41678.json
1
reference_url https://activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://activemq.apache.org/security-advisories.data/CVE-2022-41678-announcement.txt
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41678
reference_id
reference_type
scores
0
value 0.93
scoring_system epss
scoring_elements 0.99787
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41678
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41678
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41678
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://github.com/apache/activemq/commit/5c8d457d9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/5c8d457d9
6
reference_url https://github.com/apache/activemq/commit/6120169e563b55323352431dfe9ac67a8b4de6c2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/6120169e563b55323352431dfe9ac67a8b4de6c2
7
reference_url https://github.com/apache/activemq/commit/bf65929fd
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/bf65929fd
8
reference_url https://github.com/apache/activemq/commit/d8ce1d9ff
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/d8ce1d9ff
9
reference_url https://github.com/apache/activemq/pull/958
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/pull/958
10
reference_url https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl
11
reference_url https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-41678
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-41678
13
reference_url https://security.netapp.com/advisory/ntap-20240216-0004
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240216-0004
14
reference_url https://www.openwall.com/lists/oss-security/2023/11/28/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2023/11/28/1
15
reference_url http://www.openwall.com/lists/oss-security/2023/11/28/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2023/11/28/1
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2252185
reference_id 2252185
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2252185
17
reference_url https://github.com/advisories/GHSA-53v4-42fg-g287
reference_id GHSA-53v4-42fg-g287
reference_type
scores
url https://github.com/advisories/GHSA-53v4-42fg-g287
18
reference_url https://access.redhat.com/errata/RHSA-2024:2944
reference_id RHSA-2024:2944
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2944
19
reference_url https://usn.ubuntu.com/6910-1/
reference_id USN-6910-1
reference_type
scores
url https://usn.ubuntu.com/6910-1/
20
reference_url https://usn.ubuntu.com/7268-1/
reference_id USN-7268-1
reference_type
scores
url https://usn.ubuntu.com/7268-1/
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.16.6
purl pkg:maven/org.apache.activemq/activemq-broker@5.16.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-42z8-yr2r-u3d5
2
vulnerability VCID-9z3d-f57q-cqgw
3
vulnerability VCID-kdvx-ev7t-f3hw
4
vulnerability VCID-nank-qt9j-tudh
5
vulnerability VCID-rp7p-n2as-aua6
6
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.16.6
1
url pkg:maven/org.apache.activemq/activemq-broker@5.17.4
purl pkg:maven/org.apache.activemq/activemq-broker@5.17.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-42z8-yr2r-u3d5
2
vulnerability VCID-9z3d-f57q-cqgw
3
vulnerability VCID-kdvx-ev7t-f3hw
4
vulnerability VCID-nank-qt9j-tudh
5
vulnerability VCID-rp7p-n2as-aua6
6
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.17.4
aliases CVE-2022-41678, GHSA-53v4-42fg-g287
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b8pk-m428-2ffh
4
url VCID-d5a5-a8mg-y3hg
vulnerability_id VCID-d5a5-a8mg-y3hg
summary 
Improper Control of Generation of Code ('Code Injection') in org.apache.activemq:activemq-client
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
references
0
reference_url http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0222.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0222.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0222
reference_id
reference_type
scores
0
value 0.08918
scoring_system epss
scoring_elements 0.92706
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0222
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0222
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0222
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://github.com/apache/activemq/commit/98b9f2e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/98b9f2e
6
reference_url https://github.com/apache/activemq/commit/f78c0962ffb46fae3397eed6b7ec1e6e15045031
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/f78c0962ffb46fae3397eed6b7ec1e6e15045031
7
reference_url https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1@%3Cdev.activemq.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc@%3Ccommits.activemq.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/71640324661c1b6d0b6708bd4fb20170e1b979370a4b8cddc4f8d485@%3Cdev.activemq.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488@%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/7da9636557118178b1690ba0af49c8a7b7b97d925218b5774622f488@%3Cusers.activemq.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d1e334bd71d6e68462c62c726fe6db565c7a6283302f9c1feed087fa@%3Ccommits.activemq.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/fcbe6ad00f1de142148c20d813fae3765dc4274955e3e2f3ca19ff7b@%3Cdev.activemq.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r946488fb942fd35c6a6e0359f52504a558ed438574a8f14d36d7dcd7@%3Ccommits.activemq.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb698ed085f79e56146ca24ab359c9ef95846618675ea1ef402e04a6d@%3Ccommits.activemq.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E
17
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00004.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00004.html
18
reference_url https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/03/msg00005.html
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0222
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0222
20
reference_url https://security.netapp.com/advisory/ntap-20190502-0006
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190502-0006
21
reference_url https://web.archive.org/web/20190404065432/http://www.securityfocus.com/bid/107622
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20190404065432/http://www.securityfocus.com/bid/107622
22
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
23
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2020.html
24
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
25
reference_url http://www.openwall.com/lists/oss-security/2019/03/27/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/03/27/2
26
reference_url http://www.securityfocus.com/bid/107622
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/107622
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1696012
reference_id 1696012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1696012
28
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925964
reference_id 925964
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925964
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988109
reference_id 988109
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988109
30
reference_url https://github.com/advisories/GHSA-jpv3-g4cc-6vfx
reference_id GHSA-jpv3-g4cc-6vfx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpv3-g4cc-6vfx
31
reference_url https://access.redhat.com/errata/RHSA-2020:0922
reference_id RHSA-2020:0922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0922
32
reference_url https://access.redhat.com/errata/RHSA-2020:1445
reference_id RHSA-2020:1445
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1445
33
reference_url https://usn.ubuntu.com/6685-1/
reference_id USN-6685-1
reference_type
scores
url https://usn.ubuntu.com/6685-1/
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.15.9
purl pkg:maven/org.apache.activemq/activemq-broker@5.15.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-42z8-yr2r-u3d5
2
vulnerability VCID-9z3d-f57q-cqgw
3
vulnerability VCID-b8pk-m428-2ffh
4
vulnerability VCID-kdvx-ev7t-f3hw
5
vulnerability VCID-mr1d-x78q-ekg1
6
vulnerability VCID-nank-qt9j-tudh
7
vulnerability VCID-rp7p-n2as-aua6
8
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.15.9
aliases CVE-2019-0222, GHSA-jpv3-g4cc-6vfx
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d5a5-a8mg-y3hg
5
url VCID-kdvx-ev7t-f3hw
vulnerability_id VCID-kdvx-ev7t-f3hw
summary org.apache.activemq/activemq-broker: org.apache.activemq/activemq-all: Apache ActiveMQ: Arbitrary code execution via improper input validation in admin console
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41044.json
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41044.json
1
reference_url https://activemq.apache.org/security-advisories.data/CVE-2026-41044-announcement.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T18:22:17Z/
url https://activemq.apache.org/security-advisories.data/CVE-2026-41044-announcement.txt
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41044
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22266
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41044
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41044
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41044
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41044
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41044
6
reference_url http://www.openwall.com/lists/oss-security/2026/04/23/6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/23/6
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id 1136024
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461409
reference_id 2461409
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461409
9
reference_url https://github.com/advisories/GHSA-mr6m-xj7v-3cv3
reference_id GHSA-mr6m-xj7v-3cv3
reference_type
scores
url https://github.com/advisories/GHSA-mr6m-xj7v-3cv3
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.19.6
purl pkg:maven/org.apache.activemq/activemq-broker@5.19.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.19.6
1
url pkg:maven/org.apache.activemq/activemq-broker@6.2.5
purl pkg:maven/org.apache.activemq/activemq-broker@6.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@6.2.5
aliases CVE-2026-41044, GHSA-mr6m-xj7v-3cv3
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdvx-ev7t-f3hw
6
url VCID-mr1d-x78q-ekg1
vulnerability_id VCID-mr1d-x78q-ekg1
summary 
Cross-site scripting (XSS) in Apache ActiveMQ
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0.
references
0
reference_url http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://activemq.apache.org/security-advisories.data/CVE-2020-13947-announcement.txt
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13947
reference_id
reference_type
scores
0
value 0.04029
scoring_system epss
scoring_elements 0.8868
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13947
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13947
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13947
3
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
4
reference_url https://github.com/apache/activemq/commit/177eb71c52069712bcc9fe14c70e079cc2671a80
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/commit/177eb71c52069712bcc9fe14c70e079cc2671a80
5
reference_url https://github.com/apache/activemq/compare/activemq-5.16.0...activemq-5.16.1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq/compare/activemq-5.16.0...activemq-5.16.1
6
reference_url https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r021c490028f61c8b6f7e38efb98e61693b0cbb6b99b02238c6fc7d66@%3Ccommits.activemq.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cdev.activemq.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra66791f1f2b59fa651a81cec5202acdfbf34c2154fc0ff200301cc1c@%3Cusers.activemq.apache.org%3E
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13947
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13947
10
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
11
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
12
reference_url https://github.com/advisories/GHSA-66gw-ch5v-74v8
reference_id GHSA-66gw-ch5v-74v8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-66gw-ch5v-74v8
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.15.14
purl pkg:maven/org.apache.activemq/activemq-broker@5.15.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-42z8-yr2r-u3d5
2
vulnerability VCID-9z3d-f57q-cqgw
3
vulnerability VCID-b8pk-m428-2ffh
4
vulnerability VCID-kdvx-ev7t-f3hw
5
vulnerability VCID-nank-qt9j-tudh
6
vulnerability VCID-rp7p-n2as-aua6
7
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.15.14
1
url pkg:maven/org.apache.activemq/activemq-broker@5.16.1
purl pkg:maven/org.apache.activemq/activemq-broker@5.16.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-42z8-yr2r-u3d5
2
vulnerability VCID-9z3d-f57q-cqgw
3
vulnerability VCID-b8pk-m428-2ffh
4
vulnerability VCID-kdvx-ev7t-f3hw
5
vulnerability VCID-nank-qt9j-tudh
6
vulnerability VCID-rp7p-n2as-aua6
7
vulnerability VCID-zhkg-ja3f-7ubg
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.16.1
aliases CVE-2020-13947, GHSA-66gw-ch5v-74v8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mr1d-x78q-ekg1
7
url VCID-nank-qt9j-tudh
vulnerability_id VCID-nank-qt9j-tudh
summary Apache ActiveMQ: Apache ActiveMQ Web: Apache ActiveMQ: Information disclosure via Cross-Site Scripting in web console
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41043.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41043.json
1
reference_url https://activemq.apache.org/security-advisories.data/CVE-2026-41043-announcement.txt
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-24T18:05:08Z/
url https://activemq.apache.org/security-advisories.data/CVE-2026-41043-announcement.txt
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-41043
reference_id
reference_type
scores
0
value 0.00241
scoring_system epss
scoring_elements 0.47529
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-41043
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41043
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41043
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-41043
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-41043
6
reference_url http://www.openwall.com/lists/oss-security/2026/04/23/5
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/23/5
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id 1136024
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461407
reference_id 2461407
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461407
9
reference_url https://github.com/advisories/GHSA-2jp3-2923-9h52
reference_id GHSA-2jp3-2923-9h52
reference_type
scores
url https://github.com/advisories/GHSA-2jp3-2923-9h52
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.19.6
purl pkg:maven/org.apache.activemq/activemq-broker@5.19.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.19.6
1
url pkg:maven/org.apache.activemq/activemq-broker@6.2.5
purl pkg:maven/org.apache.activemq/activemq-broker@6.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@6.2.5
aliases CVE-2026-41043, GHSA-2jp3-2923-9h52
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nank-qt9j-tudh
8
url VCID-rp7p-n2as-aua6
vulnerability_id VCID-rp7p-n2as-aua6
summary org.apache.activemq/activemq-all: org.apache.activemq/activemq-broker: Apache ActiveMQ: Arbitrary code execution via improper input validation in HTTP Discovery transport
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40466.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40466.json
1
reference_url https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-27T13:37:05Z/
url https://activemq.apache.org/security-advisories.data/CVE-2026-34197-announcement.txt
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-40466
reference_id
reference_type
scores
0
value 0.18014
scoring_system epss
scoring_elements 0.95276
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-40466
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40466
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40466
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-40466
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-40466
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id 1136024
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2461410
reference_id 2461410
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2461410
8
reference_url https://github.com/advisories/GHSA-w3w2-mpp5-92gm
reference_id GHSA-w3w2-mpp5-92gm
reference_type
scores
url https://github.com/advisories/GHSA-w3w2-mpp5-92gm
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.19.6
purl pkg:maven/org.apache.activemq/activemq-broker@5.19.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.19.6
1
url pkg:maven/org.apache.activemq/activemq-broker@6.2.5
purl pkg:maven/org.apache.activemq/activemq-broker@6.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@6.2.5
aliases CVE-2026-40466, GHSA-w3w2-mpp5-92gm
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp7p-n2as-aua6
9
url VCID-zhkg-ja3f-7ubg
vulnerability_id VCID-zhkg-ja3f-7ubg
summary org.apache.activemq/activemq-client: org.apache.activemq/activemq-broker: org.apache.activemq/activemq-all: org.apache.activemq/activemq-web: improper limitation of a pathname to a restricted classpath directory
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33227.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33227.json
1
reference_url https://activemq.apache.org/security-advisories.data/CVE-2026-33227-announcement.txt
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-07T14:04:21Z/
url https://activemq.apache.org/security-advisories.data/CVE-2026-33227-announcement.txt
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33227
reference_id
reference_type
scores
0
value 0.00077
scoring_system epss
scoring_elements 0.2306
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33227
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33227
4
reference_url https://github.com/apache/activemq
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/activemq
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33227
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33227
6
reference_url http://www.openwall.com/lists/oss-security/2026/04/06/4
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/06/4
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
reference_id 1136024
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136024
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455867
reference_id 2455867
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455867
9
reference_url https://github.com/advisories/GHSA-h2h4-5m64-m273
reference_id GHSA-h2h4-5m64-m273
reference_type
scores
url https://github.com/advisories/GHSA-h2h4-5m64-m273
fixed_packages
0
url pkg:maven/org.apache.activemq/activemq-broker@5.19.3
purl pkg:maven/org.apache.activemq/activemq-broker@5.19.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-9z3d-f57q-cqgw
2
vulnerability VCID-kdvx-ev7t-f3hw
3
vulnerability VCID-nank-qt9j-tudh
4
vulnerability VCID-rp7p-n2as-aua6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.19.3
1
url pkg:maven/org.apache.activemq/activemq-broker@6.2.2
purl pkg:maven/org.apache.activemq/activemq-broker@6.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3rq9-mjjw-17ds
1
vulnerability VCID-9z3d-f57q-cqgw
2
vulnerability VCID-kdvx-ev7t-f3hw
3
vulnerability VCID-nank-qt9j-tudh
4
vulnerability VCID-rp7p-n2as-aua6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@6.2.2
aliases CVE-2026-33227, GHSA-h2h4-5m64-m273
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhkg-ja3f-7ubg
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.activemq/activemq-broker@5.15.3