Vulnerabilities > Apache > Activemq Artemis > 2.6.0

DATE CVE VULNERABILITY TITLE RISK
2024-10-14 CVE-2023-50780 Unspecified vulnerability in Apache Activemq Artemis
Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint.
network
low complexity
apache
8.8
2022-08-24 CVE-2021-4040 Out-of-bounds Write vulnerability in multiple products
A flaw was found in AMQ Broker.
network
low complexity
redhat apache CWE-787
5.3
2022-08-23 CVE-2022-35278 Cross-site Scripting vulnerability in multiple products
In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.
network
low complexity
apache netapp CWE-79
6.1
2022-02-04 CVE-2022-23913 In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
network
low complexity
apache netapp
7.5
2021-01-27 CVE-2021-26117 Improper Authentication vulnerability in multiple products
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server.
network
low complexity
apache netapp debian oracle CWE-287
7.5
2020-07-20 CVE-2020-13932 Cross-site Scripting vulnerability in Apache Activemq Artemis
In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability.
network
low complexity
apache CWE-79
6.1