Lucene search
Fedora: Security Advisory for apache-commons-lang3 (FEDORA-2024-129d8ca6fc)
🗓️ 08 Mar 2024 00:00:00Reported by Copyright (C) 2024 Greenbone AGType 
openvas🔗 plugins.openvas.org👁 14 Views
The remote host is missing an update for the 'apache-commons-lang3' package(s) announced via the FEDORA-2024-129d8ca6fc advisory. The Commons Lang Component provides a host of helper utilities for the java.lang API, notably string manipulation methods, basic numerical methods, object reflection, creation and serialization, and system properties. Additionally, it contains an inheritable enum type, an exception structure that supports multiple types of nested-Exceptions and a series of utilities dedicated to help with building methods. With version of commons-lang 3.x, developers decided to change API and therefore created differently named artifact and jar files. This is the new version, while apache-commons-lang is the compatibility package.
Show more
| Reporter | Title | Published | Views | Family All 199 |
|---|---|---|---|---|
 | Fedora 38 : chromium (2024-449696cdb8) | 3 Mar 202400:00 | – | nessus |
| FreeBSD : chromium -- multiple security fixes (31bb1b8d-d6dc-11ee-86bb-a8a1599412c6) | 29 Feb 202400:00 | – | nessus |
| Microsoft Edge (Chromium) < 122.0.2365.63 Multiple Vulnerabilities | 29 Feb 202400:00 | – | nessus |
| Fedora: Security Advisory for libbase (FEDORA-2024-129d8ca6fc) | 8 Mar 202400:00 | – | openvas |
| Fedora: Security Advisory for jansi1 (FEDORA-2024-129d8ca6fc) | 8 Mar 202400:00 | – | openvas |
| Fedora: Security Advisory for libreoffice (FEDORA-2024-129d8ca6fc) | 8 Mar 202400:00 | – | openvas |
| Fedora: Security Advisory for jssc (FEDORA-2024-129d8ca6fc) | 8 Mar 202400:00 | – | openvas |
| Fedora: Security Advisory for xalan-j2 (FEDORA-2024-129d8ca6fc) | 8 Mar 202400:00 | – | openvas |
| Fedora: Security Advisory for flute (FEDORA-2024-129d8ca6fc) | 8 Mar 202400:00 | – | openvas |
| Fedora: Security Advisory for java-diff-utils (FEDORA-2024-129d8ca6fc) | 8 Mar 202400:00 | – | openvas |
10
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.885914");
script_version("2025-01-13T08:32:03+0000");
script_cve_id("CVE-2024-1938", "CVE-2024-1939");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2025-01-13 08:32:03 +0000 (Mon, 13 Jan 2025)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-12-19 20:20:25 +0000 (Thu, 19 Dec 2024)");
script_tag(name:"creation_date", value:"2024-03-08 02:14:55 +0000 (Fri, 08 Mar 2024)");
script_name("Fedora: Security Advisory for apache-commons-lang3 (FEDORA-2024-129d8ca6fc)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Fedora Local Security Checks");
script_xref(name:"Advisory-ID", value:"FEDORA-2024-129d8ca6fc");
script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PA24RQKTRXPQPV6PKRA732YUNGQKFBYS");
script_tag(name:"summary", value:"The remote host is missing an update for the 'apache-commons-lang3'
package(s) announced via the FEDORA-2024-129d8ca6fc advisory.
Note: This VT has been deprecated as a duplicate.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"The standard Java libraries fail to provide enough methods for
manipulation of its core classes. The Commons Lang Component provides
these extra methods.
The Commons Lang Component provides a host of helper utilities for the
java.lang API, notably String manipulation methods, basic numerical
methods, object reflection, creation and serialization, and System
properties. Additionally it contains an inheritable enum type, an
exception structure that supports multiple types of nested-Exceptions
and a series of utilities dedicated to help with building methods, such
as hashCode, toString and equals.
With version of commons-lang 3.x, developers decided to change API and
therefore created differently named artifact and jar files. This is
the new version, while apache-commons-lang is the compatibility
package.");
script_tag(name:"affected", value:"'apache-commons-lang3' package(s) on Fedora 40.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
script_tag(name:"deprecated", value:TRUE);
exit(0);
}
exit(66);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo08 Mar 2024 00:00Current
9.2High risk
Vulners AI Score9.2
CVSS38.8
EPSS0.00114
SSVC