Nixpkgs Security Tracker

Permalink CVE-2015-7559

updated 3 weeks, 2 days ago by @anthonyroussel Activity log

Created automatic suggestion 1 month ago
@anthonyroussel dismissed 3 weeks, 2 days ago

It was found that the Apache ActiveMQ client before 5.14.5 …

It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client.

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7559
https://issues.apache.org/jira/browse/AMQ-6470
https://issues.apache.org/jira/browse/AMQ-6470 x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7559 x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7559
https://issues.apache.org/jira/browse/AMQ-6470
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-7559 x_transferred
https://issues.apache.org/jira/browse/AMQ-6470 x_transferred

Affected products

ActiveMQ

==5.15.5

Matching in nixpkgs

pkgs.activemq

Messaging and Integration Patterns server written in Java

nixos-unstable 6.2.0
- nixpkgs-unstable 6.2.0
- nixos-unstable-small 6.2.0
nixos-25.11 6.1.8
- nixos-25.11-small 6.1.8
- nixpkgs-25.11-darwin 6.1.8

Package maintainers

@anthonyroussel Anthony Roussel <anthony@roussel.dev>

Old CVE, fixed with ActiveMQ 5.14.5
Upstream commit: https://github.com/apache/activemq/commit/b8fc78e
https://issues.apache.org/jira/browse/AMQ-6470

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.activemq

Package maintainers