Critical severity9.8NVD Advisory· Published Oct 27, 2017· Updated Jun 17, 2026
CVE-2014-3579
CVE-2014-3579
Description
XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.activemq:apollo-projectMaven | >= 1.0.0, < 1.7.1 | 1.7.1 |
Affected products
9cpe:2.3:a:apache:activemq_apollo:1.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:apache:activemq_apollo:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq_apollo:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq_apollo:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq_apollo:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq_apollo:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq_apollo:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq_apollo:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:activemq_apollo:1.7:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
12- activemq.apache.org/security-advisories.data/CVE-2014-3579-announcement.txtnvdVendor AdvisoryWEB
- seclists.org/oss-sec/2015/q1/428nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/72508nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/100721nvdIssue TrackingThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-wmhw-hpwh-44pgghsaADVISORY
- issues.apache.org/jira/browse/APLO-366nvdIssue TrackingThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2014-3579ghsaADVISORY
- github.com/apache/activemq-apollo/commit/e5647554e6801a522c508a8eb457979a9af8c398ghsaWEB
- lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3EghsaWEB
- web.archive.org/web/20150213000202/http://seclists.org/oss-sec/2015/q1/428ghsaWEB
- web.archive.org/web/20200228080433/http://www.securityfocus.com/bid/72508ghsaWEB
- lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3Envd
News mentions
0No linked articles in our index yet.