This is an automated email from the ASF dual-hosted git repository.
asf-gitbox-commits pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/activemq-website.git
The following commit(s) were added to refs/heads/asf-site by this push:
new f67fa9c5e Automatic Site Publish by Buildbot
f67fa9c5e is described below
commit f67fa9c5e95a5c19080e91fd6936ed747d3d7a0f
Author: buildbot <[email protected]>
AuthorDate: Mon Jun 29 19:16:42 2026 +0000
Automatic Site Publish by Buildbot
---
output/components/classic/security.html | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/output/components/classic/security.html
b/output/components/classic/security.html
index 40344e50d..d7e892a63 100644
--- a/output/components/classic/security.html
+++ b/output/components/classic/security.html
@@ -97,15 +97,15 @@
<p>See the main <a href="../../security-advisories">Security Advisories</a>
page for details for other components and general information such as reporting
new security issues.</p>
<ul>
- <li><a
href="../../security-advisories.data/CVE-2026-54475-announcement.txt">CVE-2026-54475</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
- <li><a
href="../../security-advisories.data/CVE-2026-53917-announcement.txt">CVE-2026-53917</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
- <li><a
href="../../security-advisories.data/CVE-2026-49157-announcement.txt">CVE-2026-53916</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
- <li><a
href="../../security-advisories.data/CVE-2026-50760-announcement.txt">CVE-2026-50760</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
- <li><a
href="../../security-advisories.data/CVE-2026-50750-announcement.txt">CVE-2026-50750</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
- <li><a
href="../../security-advisories.data/CVE-2026-50734-announcement.txt">CVE-2026-50734</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
- <li><a
href="../../security-advisories.data/CVE-2026-49877-announcement.txt">CVE-2026-49877</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
- <li><a
href="../../security-advisories.data/CVE-2026-49434-announcement.txt">CVE-2026-49434</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
- <li><a
href="../../security-advisories.data/CVE-2026-49432-announcement.txt">CVE-2026-49432</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-54475-announcement.txt">CVE-2026-54475</a>
- Temporary destination ownership takeover</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-53917-announcement.txt">CVE-2026-53917</a>
- Unbounded memory allocation in OpenWire property unmarshalling</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-49157-announcement.txt">CVE-2026-53916</a>
- Unbounded header buffer in STOMP NIO codec</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-50760-announcement.txt">CVE-2026-50760</a>
- Stored XSS via Unescaped values in ActiveMQ Web Console</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-50750-announcement.txt">CVE-2026-50750</a>
- Pre-authentication OpenWire DoS following fix for CVE-2026-49270</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-50734-announcement.txt">CVE-2026-50734</a>
- Pre-authentication OpenWire memory-allocation DoS during wire format
negotiation</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-49877-announcement.txt">CVE-2026-49877</a>
- Authenticated web users retain admin access by default in the Web
Console</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-49434-announcement.txt">CVE-2026-49434</a>
- LdapNetworkConnector instantiates denied transports and a remote-properties
broker</li>
+ <li><a
href="../../security-advisories.data/CVE-2026-49432-announcement.txt">CVE-2026-49432</a>
- STOMP negative content-length enables denial of service</li>
<li><a
href="../../security-advisories.data/CVE-2026-49270-announcement.txt">CVE-2026-49270</a>
- Durable Subscription Disclosure via Crafted BrokerInfo (OpenWire)</li>
<li><a
href="../../security-advisories.data/CVE-2026-49157-announcement.txt">CVE-2026-49157</a>
- Authenticated low-privilege Web users retain Jolokia broker-management
capability by default</li>
<li><a
href="../../security-advisories.data/CVE-2026-46605-announcement.txt">CVE-2026-46605</a>
- Incomplete authorization during destination removal</li>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact