[jira] [Resolved] (AMQ-8246) CVE-2021-26117 still exists on 5.16.1

Jira Thu, 29 May 2025 21:55:01 -0700


     [ 
https://issues.apache.org/jira/browse/AMQ-8246?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jean-Baptiste Onofré resolved AMQ-8246.
---------------------------------------
    Fix Version/s:     (was: 6.2.0)
                       (was: 6.1.7)
       Resolution: Not A Problem

I double checked and I confirm ActiveMQ 5.16.1 includes the fix for the CVE:

 

https://github.com/apache/activemq/commit/c9f68f4

> CVE-2021-26117  still exists on 5.16.1
> --------------------------------------
>
>                 Key: AMQ-8246
>                 URL: https://issues.apache.org/jira/browse/AMQ-8246
>             Project: ActiveMQ Classic
>          Issue Type: Bug
>            Reporter: Ashwini Kote Basavaraj
>            Assignee: Jean-Baptiste Onofré
>            Priority: Critical
>         Attachments: MSR-AMQ.png
>
>
> From the link from apache  
> [https://activemq.apache.org/security-advisories.data/CVE-2021-26117-announcement.txt,]
>  LDAP related CVE-2021-26117 should be fixed on version 5.16.1. 
> We upgraded activemq in our jar file to 5.16.1 and the issue still persists. 
> Could you please help me understand why we are seeing bug on 5.16.1



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact

[jira] [Resolved] (AMQ-8246) CVE-2021-26117 still exists on 5.16.1

Reply via email to