VYPR

AMQ Broker

by Red Hat

CVEs (5)

  • CVE-2025-58712MedOct 22, 2025
    risk 0.42cvss 6.4epss 0.00

    A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,…

  • CVE-2023-4066Sep 27, 2023
    risk 0.00cvss epss 0.00

    A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker.

  • CVE-2021-3763Aug 23, 2022
    risk 0.00cvss epss 0.01

    A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not be allow access to the management console. The main impact is to confidentiality…

  • CVE-2020-14379Aug 16, 2022
    risk 0.00cvss epss 0.00

    A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure.

  • CVE-2021-3425Jun 1, 2021
    risk 0.00cvss epss 0.00

    A flaw was found in the AMQ Broker that discloses JDBC encrypted usernames and passwords when provided in the AMQ Broker application logfile when using the jdbc persistence functionality. Versions shipped in Red Hat AMQ 7 are vulnerable.