27 matches found
MiracleLinux 7 : groovy-1.8.9-8.el7 (AXSA:2017-2200:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2200:01 advisory. Groovy is an agile and dynamic language for the Java Virtual Machine, built upon Java with features inspired by languages like Python, Ruby and Smalltalk. It...
Linux Distros Unpatched Vulnerability : CVE-2016-6814
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization...
RHEL 7 : groovy (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Apache Groovy: Remote code execution via deserialization (CVE-2016-6814). Note that Nessus has not tested for this iss...
SUSE CVE-2016-6814
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized...
Ubuntu 16.04 ESM : Apache Groovy vulnerability (USN-4795-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4795-1 advisory. It was discovered that Apache Groovy incorrectly handled serialization mechanisms. An attacker could possibly use this issue to execute arbitrary code. Tenable ha...
Security Bulletin: Multiple vulnerabilities of Apache Groovy (groovy-all-2.3.11.jar) have affected APM JBoss and APM WebLogic Agent [CVE-202-17521, CVE-2016-6814, CVE-2015-3253]
Summary: APM JBoss and APM WebLogic Agents are vulnerable to Apache Groovy groovy-all-2.3.11.jar. CVE-2020-17521, CVE-2016-6814, CVE-2015-3253. The fix includes groovy-all-2.3.11.jar upgraded to groovy-all-2.5.21.jar. Vulnerability Details: CVEID: CVE-2020-17521 DESCRIPTION: Apache Groovy could allow ...
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Apache Groovy
Summary: Vulnerabilities in Apache Groovy such as remote attacker executing arbitrary code on the system, allowing a local authenticated attacker to obtain sensitive information, may affect IBM Spectrum Control. These vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2015-3253...
ai.grakn.kgms:client (=1.4.3), ai.grakn:client-java (>=1.3.0 <=1.4.3) +3349 more potentially affected by CVE-2016-6814 via org.codehaus.groovy:groovy (>=1.7.0 <=2.4.7)
org.codehaus.groovy:groovy MAVEN version =1.7.0, =1.3.0, =1.1.0, =1.0.0, =0.7.0, =0.12.0, =1.4.1, =0.12.0, =1.0.0, =1.4.1, =1.2.0, =0.17.0, =0.7.0, =0.7.0, =0.15.0, =v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744 and more Source cves: CVE-2016-6814 Source advisory:...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +6733 more potentially affected by CVE-2016-6814 via org.codehaus.groovy:groovy-all (>=1.7.0 <=2.4.7)
org.codehaus.groovy:groovy-all MAVEN version =1.7.0, =1.1, =0.0.1, =3.10.0.5, =1.0.0, =1.0, =0.0.20, =0.0.2, =0.2.DEV, =0.2.DEV, =2.1.10, =3.6.0-rc.1 and more Source cves: CVE-2016-6814 Source advisory: OSV:GHSA-XPHJ-M9CC-8FMQ...
Mageia: Security Advisory (MGASA-2017-0311)
The remote host is missing an update for the...
GLSA-202003-01 : Groovy: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-202003-01 Groovy: Arbitrary code execution It was discovered that there was a vulnerability within the Java serialization/deserialization process. Impact : An attacker, by crafting a special serialized object, could execute...
CVE-2016-6814
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized...
CVE-2016-6814
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized...
CVE-2016-6814
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized...
CVE-2016-6814
CVE-2016-6814 describes arbitrary code execution via Java serialization in Groovy when deserializing untrusted data. Affected are Codehaus Groovy versions 1.7.0–2.4.3 with Apache Groovy 2.4.4–2.4.7 on the classpath. The root cause is unsafe Java serialization/deserialization, allowing an attacker...
Oracle Database Multiple Vulnerabilities (October 2017 CPU)
The remote Oracle Database Server is missing the October 2017 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note tha...
Oracle JDeveloper ADF Faces Unspecified Remote Code Execution (October 2017 CPU)
The version of Oracle JDeveloper installed on the remote host is missing a security patch. It is, therefore, affected by a vulnerability in the Spatial Apache Groovy component of Oracle Database Server. Please see the vendor advisory for additional information.
Important: Red Hat Security Advisory: rh-maven33-groovy security update
An update for rh-maven33-groovy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
CentOS 7 : groovy (CESA-2017:2486)
An update for groovy is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Fedora 25 : groovy18 (2017-33c8085c5d)
Fixes information disclosure vulnerability CVE-2016-6814. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...