pkg:Maven/org.apache.activemq:activemq-client

18 total CVEsCRITICAL4HIGH5MEDIUM5

✅ Check your installed version

All known vulnerabilities

  • CRITICAL10.0CVE-2023-46604⚠ KEVApache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack
    from 0, < 5.15.16
  • CRITICAL9.8CVE-2016-3088⚠ KEVImproper Input Validation in Apache ActiveMQ
    >= 5.0.0, < 5.14.0
  • CRITICAL9.8CVE-2014-3600Improper Restriction of XML External Entity Reference in Apache ActiveMQ
    >= 5.0.0, < 5.10.1
  • CRITICAL9.8CVE-2015-5254activemq - security update
    >= 5.0.0, < 5.11.3
  • HIGH7.5CVE-2026-39304Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM
    from 0, < 5.19.4
  • HIGH7.5CVE-2025-27533Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation
    from 0, < 5.16.8
  • HIGH7.5CVE-2014-3576Improper Neutralization of Special Elements used in an OS Command in Apache ActiveMQ
    from 0, < 5.11.0
  • HIGH7.5CVE-2019-0222mqtt-client - security update
    >= 5.0.0, < 5.15.9
  • HIGH7.4CVE-2018-11775Improper Certificate Validation in Apache activemq-client
    from 0, < 5.15.6
  • MEDIUM6.1CVE-2016-0734Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
    >= 5.0.0, < 5.13.2
  • MEDIUM6.1CVE-2016-6810Improper Neutralization of Input During Web Page Generation Apache ActiveMQ
    >= 5.0.0, < 5.14.2
  • MEDIUM5.4CVE-2016-0782Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
    >= 5.0.0, < 5.11.4
  • MEDIUM4.9CVE-2015-7559Improper Input Validation and Missing Authentication for Critical Function in Apache ActiveMQ
    from 0, < 5.14.5
  • MEDIUM4.3CVE-2026-33227Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ: Improper Limitation of a Pathname to a Restricted Classpath Directory
    from 0, < 5.19.3
  • CVE-2013-3060Improper Authentication in Apache ActiveMQ
    from 0, < 5.8.0
  • CVE-2013-1879Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
    from 0, < 5.9.0
  • CVE-2014-8110Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
    >= 5.0.0, < 5.10.1
  • CVE-2015-1830Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ
    >= 5.0.0, < 5.11.2