- Description
- Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands, the size value of buffers was not properly validated, which could lead to excessive memory allocation and be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on the availability of the ActiveMQ broker when not using mutual TLS connections. This issue affects Apache ActiveMQ: from 6.0.0 before 6.1.6, from 5.18.0 before 5.18.7, from 5.17.0 before 5.17.7, before 5.16.8. ActiveMQ 5.19.0 is not affected. Users are recommended to upgrade to version 6.1.6+, 5.19.0+, 5.18.7+, 5.17.7, or 5.16.8, which fix the issue. Existing users may implement mutual TLS to mitigate the risk on affected brokers.
- Source
- security@apache.org
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 6.9
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:M/U:Red
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security@apache.org
- CWE-789
#Vulnerability #ApacheActiveMQ CVE-2025-27533: Apache ActiveMQ Memory Allocation Bug Could Lead to Denial of Service https://t.co/C5L0GJQRTZ
@Komodosec
3 Jul 2025
⚠️ A critical DoS flaw in Apache ActiveMQ (CVE-2025-27533) allows attackers to trigger memory exhaustion remotely. Affects multiple versions. Patch NOW. Details ➡️ https://t.co/eT0em6PKp7 #infosec #ActiveMQ #CVE2025_27533
@threatsbank
9 May 2025
GitHub - absholi7ly/CVE-2025-27533-Exploit-for-Apache-ActiveMQ: exploit for CVE-2025-27533, a Denial of Service (DoS) vulnerability in Apache ActiveMQ - https://t.co/wuSlxOIjF2
@piedpiper1616
9 May 2025
#Poc CVE-2025-27533 Exploit for #Apache #ActiveMQ https://t.co/wQB9qsnc6l https://t.co/YdjWzTqxTn
@absholi7ly
9 May 2025
🚨Alert🚨 CVE-2025-27533: Apache ActiveMQ Memory Allocation Bug Could Lead to Denial of Service 📊41.9M+ Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/THN977KJdZ 👇Query HUNTER : https://t.co/q9rtuGgxk7="Apache ActiveMQ" FOFA : htt
@HunterMapping
8 May 2025
CVE-2025-27533 Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly va… https://t.co/XLCubPYhV2
@CVEnew
7 May 2025
CVE-2025-27533 CVE-2025-27533 https://t.co/kZiHuOpJ5P
@VulmonFeeds
7 May 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC81B492-F56A-4D88-B98E-246C9401128D",
            "versionEndIncluding": "5.16.8",
            "versionStartIncluding": "5.16.0"
          },
          {
            "criteria": "cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B3396C6-3A42-480B-98EE-554A8A5745E1",
            "versionEndIncluding": "5.17.7",
            "versionStartIncluding": "5.17.0"
          },
          {
            "criteria": "cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB864869-AB2D-44BF-ADE4-7381D5F52D0B",
            "versionEndExcluding": "5.18.7",
            "versionStartIncluding": "5.18.0"
          },
          {
            "criteria": "cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF31F5B0-D737-4EC2-BF00-CC8C44AF7BB0",
            "versionEndExcluding": "6.1.6",
            "versionStartIncluding": "6.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]