CRITICAL10.0CVE-2023-46604⚠ KEVApache ActiveMQ, Apache ActiveMQ Legacy OpenWire Module: Unbounded deserialization causes ActiveMQ to be vulnerable to a remote code execution (RCE) attack from 0, < 5.15.16
CRITICAL9.8CVE-2016-3088⚠ KEVImproper Input Validation in Apache ActiveMQ >= 5.0.0, < 5.14.0
CRITICAL9.8Improper Restriction of XML External Entity Reference in Apache ActiveMQ
>= 5.0.0, < 5.10.1
CRITICAL9.8activemq - security update
>= 5.0.0, < 5.11.3
HIGH7.5Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM
from 0, < 5.19.4
HIGH7.5Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation
from 0, < 5.16.8
HIGH7.5activemq - security update
from 0, < 5.11.0
HIGH7.5mqtt-client - security update
>= 5.0.0, < 5.15.9
HIGH7.4Improper Certificate Validation in Apache activemq-client
from 0, < 5.15.6
MEDIUM6.1Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
>= 5.0.0, < 5.13.2
MEDIUM6.1Improper Neutralization of Input During Web Page Generation Apache ActiveMQ
>= 5.0.0, < 5.14.2
MEDIUM5.4Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
>= 5.0.0, < 5.11.4
MEDIUM4.9activemq - security update
from 0, < 5.14.5
MEDIUM4.3Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ: Improper Limitation of a Pathname to a Restricted Classpath Directory
from 0, < 5.19.3
—Improper Authentication in Apache ActiveMQ
from 0, < 5.8.0
—Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
from 0, < 5.9.0
—Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
>= 5.0.0, < 5.10.1
—Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ
>= 5.0.0, < 5.11.2