157 matches found
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value during the unmarshalling of OpenWire commands, where the size value of buffers is not properly validated. An attacker can deplete process memory and cause service disruptions by sending crafte...
com.chutneytesting:chutney-kotlin-dsl (>=0.1.18 <=1.0.1), com.codbex.aion:codbex-aion-platform (>=0.5.6 <=0.5.7) +157 more potentially affected by CVE-2025-27533 via org.apache.activemq:activemq-openwire-legacy (>=5.17.0 <=5.17.6)
org.apache.activemq:activemq-openwire-legacy MAVEN version =5.17.0, =0.1.18, =0.5.6, =0.5.6, =0.5.6, =0.3.0, =0.3.0, =0.5.3, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.4.0 and more Source cves: CVE-2025-27533 Source advisory:...
be.yildiz-games:module-messaging-activemq (=1.0.15), com.chutneytesting:action-impl (>=2.2.1 <=3.0.0) +53 more potentially affected by CVE-2025-27533 via org.apache.activemq:activemq-openwire-legacy (>=5.18.0 <=5.18.6)
org.apache.activemq:activemq-openwire-legacy MAVEN version =5.18.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =0.17.0, =0.19.12-2023-11-12, =0.19.12-2023-11-12, =RC0-0.19.12-2023-10-27, =RC0-0.19.12-2023-10-27, =1.2.1.2, =1.2.1.1-beta.1, =0.10.0, =1.1.0, =1.5.0, =1.8.0 and more Source cves: CVE-2025-27533...
Memory Allocation with Excessive Size Value
Overview org.apache.activemq:activemq-client is a high performance Apache 2.0 licensed Message Broker and JMS 1.1 implementation. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value during the unmarshalling of OpenWire commands, where the size value of...
be.yildiz-games:module-messaging-activemq (=2.0.0), com.codbex.atlas:codbex-atlas-application (>=1.1.0 <=2.108.0) +77 more potentially affected by CVE-2025-27533 via org.apache.activemq:activemq-openwire-legacy (>=6.0.0 <=6.1.5)
org.apache.activemq:activemq-openwire-legacy MAVEN version =6.0.0, =1.1.0, =2.55.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.2.2, =1.4.0, =6.0.0, =6.1.5 and more Source cves: CVE-2025-27533 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-10074038...
be.yildiz-games:module-messaging-activemq (=2.0.0), com.codbex.atlas:codbex-atlas-application (>=1.1.0 <=2.108.0) +77 more potentially affected by CVE-2025-27533 via org.apache.activemq:activemq-openwire-legacy (>=6.0.0 <=6.1.5)
org.apache.activemq:activemq-openwire-legacy MAVEN version =6.0.0, =1.1.0, =2.55.0, =1.0.5, =1.1.0, =1.1.0, =1.1.0, =0.2.0, =1.1.0, =0.2.2, =1.4.0, =6.0.0, =6.1.5 and more Source cves: CVE-2025-27533 Source advisory: OSV:GHSA-WHXR-3P84-RF3C...
be.yildiz-games:module-messaging-activemq (=1.0.15), com.chutneytesting:action-impl (>=2.2.1 <=3.0.0) +53 more potentially affected by CVE-2025-27533 via org.apache.activemq:activemq-openwire-legacy (>=5.18.0 <=5.18.6)
org.apache.activemq:activemq-openwire-legacy MAVEN version =5.18.0, =2.2.1, =2.2.1, =2.2.2, =2.2.1, =0.17.0, =0.19.12-2023-11-12, =0.19.12-2023-11-12, =RC0-0.19.12-2023-10-27, =RC0-0.19.12-2023-10-27, =1.2.1.2, =1.2.1.1-beta.1, =0.10.0, =1.1.0, =1.5.0, =1.8.0 and more Source cves: CVE-2025-27533...
DEBIAN-CVE-2025-27533
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service DoS by depleting process memor...
UBUNTU-CVE-2025-27533
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service DoS by depleting process memor...
The vulnerability of the Apache ActiveMQ NMS OpenWire Client software platform lies in its ability to restore unreliable data in memory, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Apache ActiveMQ NMS OpenWire Client software platform lies in the recovery of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Apache ActiveMQ NMS OpenWire Client Deserialization Vulnerability
Apache ActiveMQ NMS OpenWire Client is an American Apache Apache Foundation . A deserialization vulnerability exists in Apache ActiveMQ NMS OpenWire Client versions prior to 2.1.1, which arises from unsafe deserialization of serialized data received by an application from a user and can be...
CVE-2025-29953
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...
GHSA-9G64-R942-FVMP Apache ActiveMQ NMS OpenWire Client Deserialization of Untrusted Data vulnerability
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...
Apache ActiveMQ NMS OpenWire Client Deserialization of Untrusted Data vulnerability
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...
CVE-2025-29953
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...
CVE-2025-29953 Apache ActiveMQ NMS OpenWire Client: deserialization allowlist bypass
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...
CVE-2025-29953 Apache ActiveMQ NMS OpenWire Client: deserialization allowlist bypass
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...
PT-2025-17306 · Apache · Apache Activemq Nms Openwire Client
Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ NMS OpenWire Client versions prior to 2.1.1 Description: The issue affects the Apache ActiveMQ NMS OpenWire Client when connecting to untrusted servers, allowing these servers to potentially abuse unbounded deserialization in...
Apache ActiveMQ NMS OpenWire Client Deserialization of Untrusted Data vulnerability
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious...
Apache ActiveMQ NMS OpenWire Client 安全漏洞
Apache ActiveMQ NMS OpenWire Client is an American Apache Apache Foundation . A deserialization vulnerability exists in Apache ActiveMQ NMS OpenWire Client versions prior to 2.1.1, which arises from unsafe deserialization of serialized data received by an application from a user and can be...