Apache ActiveMQ 安全漏洞

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. Versions of Apache ActiveMQ prior to 5.19.2, as well as versions 6.0.0 to 6.1.8 and 6.2.0, have security...

PT-2026-36814

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description A NULL pointer dereference in the mod authn socache module allows an unauthenticated remote user to crash a child process when a caching forward proxy configuration is used. A NULL pointe...

PT-2026-36812

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.66 Description A NULL pointer dereference in the mod dav lock module may allow an attacker to crash the server by sending a malicious request. A NULL pointer dereference occurs when a program attempts t...

Apache ActiveMQ Artemis和Apache Artemis 安全漏洞

Apache ActiveMQ Artemis and Apache Artemis are both products of the Apache Foundation in the United States. Apache ActiveMQ Artemis is a high-performance open-source message broker. Apache Artemis is a message broker software. Versions 2.50.0 to 2.51.0 of Apache Artemis, as well as versions 2.11....

PT-2026-22892

Name of the Vulnerable Software and Affected Versions Apache Artemis versions 2.50.0 through 2.51.0 Apache ActiveMQ Artemis versions 2.11.0 through 2.44.0 Description A missing authentication check for a critical function exists in Apache Artemis and Apache ActiveMQ Artemis. An unauthenticated...

GHSA-5FVG-QWCP-R325 Apache Ranger Vulnerable to Improper Validation of Certificate with Host Mismatch

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

GHSA-C87W-642H-M97H Apache Ranger has a Code Injection vulnerability

Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

Apache Ranger has a Code Injection vulnerability

Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

Apache Ranger Vulnerable to Improper Validation of Certificate with Host Mismatch

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59059

Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59060

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59059

Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59060

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

EUVD-2025-208229

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59060

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59060 Apache Ranger: Hostname verification bypass in NiFiRegistryClient and NifiClient

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59060

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59060 Apache Ranger: Hostname verification bypass in NiFiRegistryClient and NifiClient

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...

CVE-2025-59060

Summary: CVE-2025-59060 describes a hostname verification bypass in Apache Ranger’s NiFiRegistryClient/NiFiClient. The issue is reported for Apache Ranger versions ≤ 2.7.0 and is fixed by upgrading to version 2.8.0. Affected components: NiFiRegistryClient and NiFiClient within Apache Ranger. Root...

CVE-2025-59059 Apache Ranger: Remote Code Execution Vulnerability in NashornScriptEngineCreator

Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...