Re: [EXTERNAL] Re: ActiveMQ 5.19.0 Security Vulnerabilities

Justin, great catch on that one. I will look into this further. Respectfully, Del Simmons Consultant [https://imageproxy.zdassets.com/f278a90c30fb481db71e629e726d493f9f3498ab?url=http%3A%2F%2Fzigabytepublic.s3.us-east-2.amazonaws.com%2FZigabyteEmail130x26.png]

Re: ActiveMQ 5.19.0 Security Vulnerabilities

> Critical: CVE-2016-127 — https://nvd.nist.gov/vuln/detail/CVE-2016-127 The link indicates the CVE impacts "Spring Framework through 5.3.16." However, ActiveMQ Classic 5.19.0 ships with Spring 5.3.39. This seems like a false positive from your scanner. Justin On Mon, Apr 21, 2025 at 10

ActiveMQ 5.19.0 Security Vulnerabilities

Hi, I am new to the group. Hoping to get some information on two vulnerabilities that were returned when running a Trivy scan on ActiveMQ 5.19.0. I realize these would be resolved if we just upgraded to ActiveMQ 6.1.6, but another piece of software on our system is not compatible with Java 17