157 matches found
ROOT-APP-MAVEN-CVE-2025-27533 CVE-2025-27533 in io.root.org.apache.activemq:activemq-openwire-legacy - Patched by Root
Root has patched CVE-2025-27533 in the io.root.org.apache.activemq:activemq-openwire-legacy package for Root:Maven. Multiple fixed versions available...
Incorrect Authorization
Apache Artemis is vulnerable to Incorrect Authorization. The vulnerability is due to incorrect authorization, where an authenticated user with the 'createDurableQueue' permission but without the 'createAddress' permission can create a temporary address when attempting to create a non-durable JMS...
Linux Distros Unpatched Vulnerability : CVE-2026-32642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to crea...
org.apache.artemis:apache-artemis (>=2.50.0 <=2.52.0), org.apache.artemis:artemis-features (>=2.50.0 <=2.52.0) +1 more potentially affected by CVE-2026-32642 via org.apache.artemis:artemis-openwire-protocol (>=2.50.0 <=2.52.0)
org.apache.artemis:artemis-openwire-protocol MAVEN version =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.52.0 Source cves: CVE-2026-32642 Source advisory: SNYK:JAVA-ORGAPACHEARTEMIS-15791525...
EUVD-2026-14782
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
org.apache.artemis:apache-artemis (>=2.50.0 <=2.52.0), org.apache.artemis:artemis-features (>=2.50.0 <=2.52.0) +1 more potentially affected by CVE-2026-32642 via org.apache.artemis:artemis-openwire-protocol (>=2.50.0 <=2.52.0)
org.apache.artemis:artemis-openwire-protocol MAVEN version =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.52.0 Source cves: CVE-2026-32642 Source advisory: OSV:GHSA-F4GC-MWRG-Q36R...
com.io7m.jsay:com.io7m.jsay (=0.0.2), com.jkoolcloud.tnt4j.streams:tnt4j-streams-jms (>=1.14.2 <=2.3.0) +5 more potentially affected by CVE-2026-32642 via org.apache.activemq:artemis-openwire-protocol (>=2.0.0 <=2.4.0)
org.apache.activemq:artemis-openwire-protocol MAVEN version =2.0.0, =1.14.2, =0.1.0, =0.1.0, =2.0.0, =2.31.1, =2.29.0, =2.44.0 Source cves: CVE-2026-32642 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15791526...
com.io7m.jsay:com.io7m.jsay (=0.0.2), com.jkoolcloud.tnt4j.streams:tnt4j-streams-jms (>=1.14.2 <=2.3.0) +5 more potentially affected by CVE-2026-32642 via org.apache.activemq:artemis-openwire-protocol (>=2.0.0 <=2.4.0)
org.apache.activemq:artemis-openwire-protocol MAVEN version =2.0.0, =1.14.2, =0.1.0, =0.1.0, =2.0.0, =2.31.1, =2.29.0, =2.44.0 Source cves: CVE-2026-32642 Source advisory: OSV:GHSA-F4GC-MWRG-Q36R...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the OpenWire protocol when an authenticated user with the createDurableQueue permission but without the createAddress permission attempts to create a non-durable JMS topic subscription on a non-existent addres...
Incorrect Authorization
Overview org.apache.activemq:artemis-openwire-protocol is a package for activemq. Affected versions of this package are vulnerable to Incorrect Authorization in the OpenWire protocol when an authenticated user with the createDurableQueue permission but without the createAddress permission attempt...
GHSA-F4GC-MWRG-Q36R Apache Artemis: Unauthorized Temporary Address Creation via OpenWire Protocol
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
Apache Artemis: Unauthorized Temporary Address Creation via OpenWire Protocol
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
CVE-2026-32642
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
CVE-2026-32642
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
UBUNTU-CVE-2026-32642
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
CVE-2026-32642 Apache Artemis, Apache ActiveMQ Artemis: Temporary address auto-created for OpenWire consumer without createAddress permission
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
CVE-2026-32642 Apache Artemis, Apache ActiveMQ Artemis: Temporary address auto-created for OpenWire consumer without createAddress permission
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
CVE-2026-32642
Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...
CVE-2026-32642
CVE-2026-32642 is an authorization bypass in Apache Artemis/ActiveMQ Artemis OpenWire handling: when an authenticated user with createDurableQueue but without createAddress attempts to create a non-durable JMS topic subscription on a non-existent address and address auto-creation is disabled, a t...
PT-2026-26884
Name of the Vulnerable Software and Affected Versions Apache Artemis versions 2.50.0 through 2.52.0 Apache ActiveMQ Artemis versions 2.0.0 through 2.44.0 Description An authorization issue exists in Apache Artemis and Apache ActiveMQ Artemis. Specifically, when an application utilizing the OpenWi...