VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-758a-8ku9-9bg4

Essentials
Severities (23)
References (25)
Severity details (22)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-758a-8ku9-9bg4
Aliases	CVE-2022-23913 GHSA-pr38-qpxm-g88x
Summary	artemis-commons: Apache ActiveMQ Artemis DoS
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-400	Uncontrolled Resource Consumption
CWE-770	Allocation of Resources Without Limits or Throttling
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23913.json
epss	0.02409	https://api.first.org/data/v1/epss?cve=CVE-2022-23913
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-pr38-qpxm-g88x
cvssv3.1	7.5	https://github.com/apache/activemq-artemis
generic_textual	HIGH	https://github.com/apache/activemq-artemis
cvssv3.1	7.5	https://github.com/apache/activemq-artemis/pull/3862
generic_textual	HIGH	https://github.com/apache/activemq-artemis/pull/3862
cvssv3.1	7.5	https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7
generic_textual	HIGH	https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7
cvssv3.1	7.5	https://github.com/apache/activemq-artemis/pull/3871
generic_textual	HIGH	https://github.com/apache/activemq-artemis/pull/3871
cvssv3.1	7.5	https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82
generic_textual	HIGH	https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82
cvssv3.1	7.5	https://github.com/github/codeql-java-CVE-coverage/issues/1061
generic_textual	HIGH	https://github.com/github/codeql-java-CVE-coverage/issues/1061
cvssv3.1	7.5	https://issues.apache.org/jira/browse/ARTEMIS-3593
generic_textual	HIGH	https://issues.apache.org/jira/browse/ARTEMIS-3593
cvssv3.1	7.5	https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
generic_textual	HIGH	https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-23913
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2022-23913
cvssv3.1	7.5	https://security.netapp.com/advisory/ntap-20220303-0003
generic_textual	HIGH	https://security.netapp.com/advisory/ntap-20220303-0003

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23913.json
		https://api.first.org/data/v1/epss?cve=CVE-2022-23913
		https://github.com/apache/activemq-artemis
		https://github.com/apache/activemq-artemis/pull/3862
		https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7
		https://github.com/apache/activemq-artemis/pull/3871
		https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82
		https://github.com/github/codeql-java-CVE-coverage/issues/1061
		https://issues.apache.org/jira/browse/ARTEMIS-3593
		https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2
		https://nvd.nist.gov/vuln/detail/CVE-2022-23913
		https://security.netapp.com/advisory/ntap-20220303-0003
		https://security.netapp.com/advisory/ntap-20220303-0003/
2063601		https://bugzilla.redhat.com/show_bug.cgi?id=2063601
GHSA-pr38-qpxm-g88x		https://github.com/advisories/GHSA-pr38-qpxm-g88x
RHSA-2022:4918		https://access.redhat.com/errata/RHSA-2022:4918
RHSA-2022:4919		https://access.redhat.com/errata/RHSA-2022:4919
RHSA-2022:4922		https://access.redhat.com/errata/RHSA-2022:4922
RHSA-2022:5101		https://access.redhat.com/errata/RHSA-2022:5101
RHSA-2022:5532		https://access.redhat.com/errata/RHSA-2022:5532
RHSA-2022:7409		https://access.redhat.com/errata/RHSA-2022:7409
RHSA-2022:7410		https://access.redhat.com/errata/RHSA-2022:7410
RHSA-2022:7411		https://access.redhat.com/errata/RHSA-2022:7411
RHSA-2022:7417		https://access.redhat.com/errata/RHSA-2022:7417
RHSA-2025:4437		https://access.redhat.com/errata/RHSA-2025:4437

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23913.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/activemq-artemis

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/activemq-artemis/pull/3862

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/activemq-artemis/pull/3862/commits/1f92368240229b8f5db92a92a72c703faf83e9b7

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/activemq-artemis/pull/3871

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/activemq-artemis/pull/3871/commits/153d2e9a979aead8dff95fbc91d659ecc7d0fb82

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/github/codeql-java-CVE-coverage/issues/1061

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://issues.apache.org/jira/browse/ARTEMIS-3593

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.apache.org/thread/fjynj57rd99s814rdn5hzvmx8lz403q2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-23913

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://security.netapp.com/advisory/ntap-20220303-0003

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.85339
EPSS Score	0.02409
Published At	May 29, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-05-29T09:14:14.802217+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23913.json	38.6.0