Google Git
Sign in
apache / activemq-web / d3c643c78868e59f1f450583270c6e895314f1c8 / . / security-advisories.html
blob: 59ca1b7117780e8aaa3eaecfd679f6f0c5cd3857 [file] [log] [blame]
<div class="wiki-content maincontent"><h2 id="SecurityAdvisories-ApacheActiveMQ">Apache ActiveMQ</h2><h3 id="SecurityAdvisories-2017">2017</h3><ul><li><p class="p1"><span class="s1"><a shape="rect" href="security-advisories.data/CVE-2015-7559-announcement.txt?version=1&amp;modificationDate=1493024710000&amp;api=v2" data-linked-resource-id="69407411" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2015-7559-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2015-7559</a> -&#160;DoS in client via shutdown command</span></p></li></ul><h3 id="SecurityAdvisories-2016">2016</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2016-6810-announcement.txt?version=2&amp;modificationDate=1481290006000&amp;api=v2" data-linked-resource-id="67634297" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-6810-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2016-6810</a>&#160;-&#160;ActiveMQ Web Console - Cross-Site Scripting</li><li><a shape="rect" href="security-advisories.data/CVE-2016-0734-announcement.txt?version=1&amp;modificationDate=1457613666000&amp;api=v2" data-linked-resource-id="62687061" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-0734-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2016-0734</a>&#160;-&#160;ActiveMQ Web Console - Clickjacking</li><li><a shape="rect" href="security-advisories.data/CVE-2016-0782-announcement.txt?version=2&amp;modificationDate=1458229308000&amp;api=v2" data-linked-resource-id="62687062" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-0782-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2016-0782</a>&#160;-&#160;ActiveMQ Web Console - Cross-Site Scripting</li><li><a shape="rect" href="security-advisories.data/CVE-2016-3088-announcement.txt?version=5&amp;modificationDate=1464092715000&amp;api=v2" data-linked-resource-id="63406525" data-linked-resource-version="5" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2016-3088-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2016-3088</a> -&#160;ActiveMQ Fileserver web application vulnerabilities</li></ul><h3 id="SecurityAdvisories-2015">2015</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2015-5254-announcement.txt?version=1&amp;modificationDate=1449589734000&amp;api=v2" data-linked-resource-id="61331741" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2015-5254-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2015-5254</a> -&#160;Unsafe deserialization in ActiveMQ</li><li><a shape="rect" href="security-advisories.data/CVE-2015-1830-announcement.txt?version=2&amp;modificationDate=1440426986000&amp;api=v2" data-linked-resource-id="61313840" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2015-1830-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2015-1830</a> - Path traversal leading to unauthenticated RCE in ActiveMQ&#160;</li></ul><h3 id="SecurityAdvisories-2014">2014</h3><ul><li><a shape="rect" href="security-advisories.data/CVE-2014-3576-announcement.txt?version=1&amp;modificationDate=1446901063000&amp;api=v2" data-linked-resource-id="61327457" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3576-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2014-3576</a> -&#160;Remote Unauthenticated Shutdown of Broker (DoS)</li><li><a shape="rect" href="security-advisories.data/CVE-2014-3600-announcement.txt?version=2&amp;modificationDate=1423051306000&amp;api=v2" data-linked-resource-id="52035730" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3600-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2014-3600</a>&#160;-&#160;Apache ActiveMQ XXE with XPath selectors</li><li><a shape="rect" href="security-advisories.data/CVE-2014-3612-announcement.txt?version=2&amp;modificationDate=1423051365000&amp;api=v2" data-linked-resource-id="52035731" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3612-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2014-3612</a> -&#160;ActiveMQ JAAS: LDAPLoginModule allows empty password authentication and Wildcard Interpretation</li><li><a shape="rect" href="security-advisories.data/CVE-2014-8110-announcement.txt?version=2&amp;modificationDate=1423051381000&amp;api=v2" data-linked-resource-id="52035732" data-linked-resource-version="2" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-8110-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2014-8110</a> -&#160;<span style="line-height: 1.4285715;">ActiveMQ Web Console - Cross-Site Scripting</span><span style="line-height: 1.4285715;"><br clear="none"></span></li></ul><h2 id="SecurityAdvisories-ActiveMQApollo"><span style="line-height: 1.4285715;">ActiveMQ Apollo</span></h2><h3 id="SecurityAdvisories-2014.1"><span style="line-height: 1.4285715;">2014</span></h3><ul><li><span style="line-height: 1.4285715;"><span style="line-height: 1.4285715;">&#160;</span></span><a shape="rect" href="security-advisories.data/CVE-2014-3579-announcement.txt?version=1&amp;modificationDate=1423054118000&amp;api=v2" data-linked-resource-id="52035737" data-linked-resource-version="1" data-linked-resource-type="attachment" data-linked-resource-default-alias="CVE-2014-3579-announcement.txt" data-nice-type="Text File" data-linked-resource-content-type="text/plain" data-linked-resource-container-id="51808957" data-linked-resource-container-version="13">CVE-2014-3579</a><span style="line-height: 1.4285715;"> -&#160;ActiveMQ Apollo XXE with XPath selectors</span></li></ul><p><span style="line-height: 1.4285715;">&#160;</span></p></div>