EUVD-2020-1505

Malware in sbrugna...

EUVD-2016-7419

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2015-3253

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial o...

Linux Distros Unpatched Vulnerability : CVE-2016-6814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization...

RHEL 7 : groovy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Apache Groovy: Remote code execution via deserialization CVE-2016-6814 Note that Nessus has not tested for this iss...

Security Bulletin: Vulnerabilities in Groovy affect IBM Cloud Pak System [CVE-2016-6814, CVE-2015-3253]

Summary Vulnerabilities in Groovy affect IBM Cloud Pak System. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2016-6814 DESCRIPTION: Apache Groovy could allow a remote attacker to execute arbitrary code on the system, caused by a...

Ubuntu 16.04 ESM : Apache Groovy vulnerability (USN-4795-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4795-1 advisory. It was discovered that Apache Groovy incorrectly handled serialization mechanisms. An attacker could possibly use this issue to execute arbitrary code. Tenable ha...

Security Bulletin: Multiple vulnerabilities of Apache Groovy (groovy-all-2.3.11.jar) have affected APM JBoss and APM WebLogic Agent [CVE-202-17521, CVE-2016-6814, CVE-2015-3253]

Summary APM JBoss and APM WebLogic Agents are vulnerable to Apache Groovygroovy-all-2.3.11.jar. CVE-2020-17521, CVE-2016-6814, CVE-2015-3253 The fix includes groovy-all-2.3.11.jar upgraded to groovy-all-2.5.21.jar. Vulnerability Details CVEID:CVE-2020-17521 DESCRIPTION: Apache Groovy could allow ...

Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Apache Groovy

Summary Vulnerabilities in Apache Groovy such as remote attacker executing arbitrary code on the system, allowing a local authenticated attacker to obtain sensitive information, may affect IBM Spectrum Control. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2015-3253...

K49233165: Apache Groovy vulnerability CVE-2015-3253

Security Advisory Description The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object. CVE-2015-3253 Impact This vulnerability could allow a remote...

Ubuntu: Security Advisory (USN-4795-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Improper Neutralization of Special Elements in Output Used by a Downstream Component in Apache Groovy

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object...

GHSA-QG25-HGJV-CG9Q Improper Neutralization of Special Elements in Output Used by a Downstream Component in Apache Groovy

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object...

Oracle Business Process Management Suite (Apr 2022 CPU)

The version of Oracle Business Process Management Suite installed on the remote host is affected by multiple vulnerabilities, as referenced in the April 2022 CPU advisory. Specifically: - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component:...

Mageia: Security Advisory (MGASA-2017-0311)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: CVE-2020-17521 Apache Groovy's provided extension methods to aid with creating temporary directories was using a now superseded Java JDK method call that is potentiallly not secure in some situations.

Summary Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Vulnerabili...

Oracle Primavera Gateway (Apr 2021 CPU)

According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.2.x, 17.12.x prior to 17.12.11. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - Vulnerability in the Primavera Gateway...

USN-4795-1 groovy2 vulnerability

It was discovered that Apache Groovy incorrectly handled serialization mechanisms. An attacker could possibly use this issue to execute arbitrary code...

USN-4795-1: Apache Groovy vulnerability

It was discovered that Apache Groovy incorrectly handled serialization mechanisms. An attacker could possibly use this issue to execute arbitrary code...

CVE-2020-17521

A flaw was found in Apache Groovy. Groovy makes use of a method for creating temporary directories which is not suitable for security-sensitive contexts and allows for sensitive information leakage. The highest threat from this vulnerability is to data confidentiality. Mitigation Setting the...