CVE-2026-33227

Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ. In two instances when creating a Stomp consumer and also browsing messages in the Web console an authenticated...

EUVD-2018-0638

Malware in sbrugna...

Security Bulletin: CVE-2018-11775 TLS hostname verification when using the Apache ActiveMQ Client

Summary TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default. Vulnerability Details CVEID:...

Security Bulletin: Apache ActiveMQ Client used in IBM Jazz for Service Management could allow a remote attacker to conduct a man-in-the-middle attack (CVE-2018-11775)

Summary Apache ActiveMQ Client used in IBM Jazz for Service Management could allow a remote attacker to conduct a man-in-the-middle attack CVE-2018-11775 Vulnerability Details CVEID: CVE-2018-11775 DESCRIPTION: Apache ActiveMQ Client could allow a remote attacker to conduct a man-in-the-middle...

GHSA-M9W8-V359-9FFR Improper Certificate Validation in Apache activemq-client

TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default...

Default credentials

TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default...