DEBIAN-CVE-2018-8006

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2018-8006
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2018-8006.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2018-8006
Upstream
Published
2018-10-10T14:29:00.497Z
Modified
2025-11-19T01:19:05.910714Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.

References

Affected packages

Debian:11 / activemq

Package

Name
activemq
Purl
pkg:deb/debian/activemq?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.6-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2018-8006.json"

Debian:12 / activemq

Package

Name
activemq
Purl
pkg:deb/debian/activemq?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.6-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2018-8006.json"

Debian:13 / activemq

Package

Name
activemq
Purl
pkg:deb/debian/activemq?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.6-1

Ecosystem specific 

{
    "urgency": "unimportant"
}

Database specific

source 
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2018-8006.json"