13 matches found
SUSE CVE-2026-13503
A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the Grammar Action Block Handler process in OutputFile.java. An attacker can execute arbitrary code by providing crafted input to the affected component. Remediation There is no fixed version for...
UBUNTU-CVE-2026-13503
A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...
CVE-2026-13503 antlr ANTLR4 tokenVocab Grammar Option TokenVocabParser.java getImportedVocabFile path traversal
A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...
CVE-2026-13503
CVE-2026-13503 affects antlr ANTLR4 up to 4.13.2. The vulnerability resides in the function getImportedVocabFile of tokenVocab Grammar Option Handler, specifically in TokenVocabParser.java, enabling a path traversal vulnerability. It can be exploited remotely and the exploit is public. The vendor...
EUVD-2026-39999
A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...
CVE-2026-13500
A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...
CVE-2026-13500 antlr ANTLR4 Grammar Action Block OutputFile.java code injection
A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...
CVE-2026-13500
The CVE-2026-13500 issue affects antlr ANTLR4 up to 4.13.2, specifically the Grammar Action Block Handler’s OutputFile.java in the tool. The underlying problem is a manipulation of OutputFile.java that can cause code injection. The vulnerability is described as exploitable remotely, with a public...
EUVD-2026-39998
A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...
PT-2026-53112
Name of the Vulnerable Software and Affected Versions ANTLR4 versions prior to 4.13.3 Description Command injection is possible in the gofmt component via the GoTarget function located in the tool/src/org/antlr/v4/codegen/target/GoTarget.java file. This issue allows an attacker to execute arbitra...
PT-2026-53114
Name of the Vulnerable Software and Affected Versions ANTLR4 versions prior to 4.13.3 Description An issue exists in the tokenVocab Grammar Option Handler where the getImportedVocabFile function in the tool/src/org/antlr/v4/parse/TokenVocabParser.java file is susceptible to path traversal. This...
Linux Distros Unpatched Vulnerability : CVE-2026-13503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file...