OESA-2026-1679

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2026-1679

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2026-1679.json

JSON Data

https://api.osv.dev/v1/vulns/OESA-2026-1679

Upstream

CVE-2025-66168

Published

2026-03-20T14:25:14Z

Modified

2026-03-20T14:30:48.456597Z

Summary

activemq security update

Details

The most popular and powerful open source messaging and Integration Patterns server.

Security Fix(es):

A vulnerability classified as problematic has been found in Apache ActiveMQ (Application Server Software).CWE is classifying the issue as CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.This is going to have an impact on integrity, and availability.Upgrading to version 5.19.2, 6.1.9 or 6.2.1 eliminates this vulnerability.(CVE-2025-66168)

Database specific

{
    "severity": "Medium"
}

References

Affected packages

openEuler:24.03-LTS / activemq

Package

Name: activemq
Purl: pkg:rpm/openEuler/activemq&distro=openEuler-24.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.19.2-1.oe2403

Ecosystem specific

{
    "src": [
        "activemq-5.19.2-1.oe2403.src.rpm"
    ],
    "noarch": [
        "activemq-5.19.2-1.oe2403.noarch.rpm",
        "activemq-javadoc-5.19.2-1.oe2403.noarch.rpm"
    ]
}

Database specific

source

"https://repo.openeuler.org/security/data/osv/OESA-2026-1679.json"