AM
To: users@activemq.apache.org
Subject: [EXTERNAL] Re: ActiveMQ 5.19.0 Security Vulnerabilities
CAUTION: This email originated from outside of the organization. Verify the
sender before clicking links, downloading attachments, or performing any
requested tasks.
> Critical: CVE-2016-12
> Critical: CVE-2016-127 —
https://nvd.nist.gov/vuln/detail/CVE-2016-127
The link indicates the CVE impacts "Spring Framework through 5.3.16."
However, ActiveMQ Classic 5.19.0 ships with Spring 5.3.39. This seems like
a false positive from your scanner.
Justin
On Mon, Apr 21, 2025 at 10
