Red Hat Amq
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Red Hat Amq.
Recent Red Hat Amq Security Advisories
| Advisory | Title | Published |
|---|---|---|
| RHSA-2026:3102 | (RHSA-2026:3102) Moderate: AMQ Clients 2026.Q1 | February 23, 2026 |
| RHSA-2025:17567 | (RHSA-2025:17567) Important: Red Hat AMQ Broker 7.13.2 release and security update | October 8, 2025 |
| RHSA-2025:17562 | (RHSA-2025:17562) Moderate: AMQ Broker 7.13.2.OPR.1.GA Container Images release and security update | October 8, 2025 |
| RHSA-2025:16409 | (RHSA-2025:16409) Important: Red Hat AMQ Broker 7.12.5 release and security update | September 22, 2025 |
| RHSA-2025:13274 | (RHSA-2025:13274) Important: Red Hat AMQ Broker 7.13.1 release and security update | August 6, 2025 |
| RHSA-2025:12473 | (RHSA-2025:12473) Moderate: Red Hat AMQ Broker 7.12.5 release and security update | July 31, 2025 |
| RHSA-2025:12355 | (RHSA-2025:12355) Moderate: AMQ Broker 7.12.5.OPR.1.GA Container Images release and security update | July 31, 2025 |
| RHSA-2025:8147 | (RHSA-2025:8147) Moderate: AMQ Broker 7.13.0.OPR.1.GA Container Images security update | May 26, 2025 |
| RHSA-2025:7625 | (RHSA-2025:7625) Moderate: Red Hat AMQ Broker 7.13.0 release and security update | May 14, 2025 |
| RHSA-2024:6893 | (RHSA-2024:6893) Moderate: Red Hat AMQ Broker 7.12.0 release and security update | September 19, 2024 |
By the Year
In 2026 there have been 0 vulnerabilities in Red Hat Amq. Amq did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 5.90 |
| 2021 | 0 | 0.00 |
| 2020 | 2 | 6.50 |
It may take a day or so for new Amq vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Red Hat Amq Security Vulnerabilities
WildFly Log Trace Data Disclosure: Leakage of Deployment Names
CVE-2022-1278
7.5 - High
- September 13, 2022
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
Insecure Default Initialization of Resource
Confidentiality Disclosure in Red Hat AMQ 7.8 Management Console
CVE-2021-3763
4.3 - Medium
- August 23, 2022
A flaw was found in the Red Hat AMQ Broker management console in version 7.8 where an existing user is able to access some limited information even when the role the user is assigned to should not be allow access to the management console. The main impact is to confidentiality as this flaw means some role bindings are incorrectly checked, some privileged meta information such as queue names and configuration details are disclosed but the impact is limited as not all information is accessible and there is no affect to integrity.
AuthZ
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed
CVE-2020-14307
6.5 - Medium
- July 24, 2020
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.
Improper Resource Shutdown or Release
A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and
CVE-2020-14297
6.5 - Medium
- July 24, 2020
A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable.
Resource Exhaustion
Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
CVE-2015-5183
7.5 - High
- September 25, 2017
Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ.
Console: CORS headers set to
CVE-2015-5184
7.5 - High
- September 25, 2017
Console: CORS headers set to allow all in Red Hat AMQ.
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
CVE-2015-5182
8.8 - High
- September 25, 2017
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Session Riding
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Red Hat Amq or by Red Hat? Click the Watch button to subscribe.
