Apache ActiveMQ ™ -- Security Advisories

ActiveMQ ASF

Community > Security Advisories

Download | JavaDocs More... | Source | Forums | Support

Apache ActiveMQ

2017

CVE-2015-7559 - DoS in client via shutdown command

2016

CVE-2016-6810 - ActiveMQ Web Console - Cross-Site Scripting
CVE-2016-0734 - ActiveMQ Web Console - Clickjacking
CVE-2016-0782 - ActiveMQ Web Console - Cross-Site Scripting
CVE-2016-3088 - ActiveMQ Fileserver web application vulnerabilities

2015

CVE-2015-5254 - Unsafe deserialization in ActiveMQ
CVE-2015-1830 - Path traversal leading to unauthenticated RCE in ActiveMQ

2014

CVE-2014-3576 - Remote Unauthenticated Shutdown of Broker (DoS)
CVE-2014-3600 - Apache ActiveMQ XXE with XPath selectors
CVE-2014-3612 - ActiveMQ JAAS: LDAPLoginModule allows empty password authentication and Wildcard Interpretation
CVE-2014-8110 - ActiveMQ Web Console - Cross-Site Scripting

ActiveMQ Apollo

2014

CVE-2014-3579 - ActiveMQ Apollo XXE with XPath selectors

© 2004-2011 The Apache Software Foundation.
Apache ActiveMQ, ActiveMQ, Apache, the Apache feather logo, and the Apache ActiveMQ project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.
Graphic Design By Hiram