Medium severity5.5OSV Advisory· Published May 26, 2025· Updated Apr 15, 2026
CVE-2025-4057
CVE-2025-4057
Description
A flaw was found in ActiveMQ Artemis. The password generated by activemq-artemis-operator does not regenerate between separated CR dependencies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/arkmq-org/activemq-artemis-operatorGo | <= 0.0.0-20250418141202-b262048e6a75 | — |
Affected products
3- Range: 0.1.0, 0.10.0, 0.10.0-SNAPSHOT, …
- ghsa-coords2 versionspkg:golang/github.com/arkmq-org/activemq-artemis-operatorpkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed
<= 0.0.0-20250418141202-b262048e6a75+ 1 more
- (no CPE)range: <= 0.0.0-20250418141202-b262048e6a75
- (no CPE)range: < 0.0.20250529T205903-1.1
Patches
Vulnerability mechanics
References
9- github.com/advisories/GHSA-q5q7-8x6x-hcg2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-4057ghsaADVISORY
- access.redhat.com/errata/RHSA-2025:12355nvdWEB
- access.redhat.com/errata/RHSA-2025:12473nvdWEB
- access.redhat.com/errata/RHSA-2025:8147nvdWEB
- access.redhat.com/security/cve/CVE-2025-4057nvdWEB
- bugzilla.redhat.com/show_bug.cginvdWEB
- github.com/arkmq-org/activemq-artemis-operator/commit/d3482fab6d0060794226c9e5a6fa67d209abc35anvdWEB
- github.com/arkmq-org/activemq-artemis-operator/issues/1130nvdWEB
News mentions
0No linked articles in our index yet.