Lucene search
+L

22 matches found

nvd
nvd
added 2026/06/28 4:16 p.m.10 views

CVE-2026-13503

A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...

6.9CVSS0.0055EPSS
Exploits0References5
nvd
nvd
added 2026/06/28 3:16 p.m.12 views

CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS0.00091EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/06/28 3:15 p.m.9 views

CVE-2026-13503

A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...

6.9CVSS5.7AI score0.0055EPSS
Exploits0References5Affected Software1
euvd
euvd
added 2026/06/28 3:15 p.m.9 views

EUVD-2026-40001

A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...

6.9CVSS5.7AI score0.0055EPSS
Exploits0References5
debiancve
debiancve
added 2026/06/28 2:45 p.m.8 views

CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5.2AI score0.00091EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/28 2:45 p.m.8 views

CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5Affected Software1
euvd
euvd
added 2026/06/28 2:45 p.m.11 views

EUVD-2026-40000

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5
cve
cve
added 2026/06/28 2:45 p.m.32 views

CVE-2026-13502

The CVE-2026-13502 entry concerns antlr ANTLR4 up to 4.13.2. It affects the function ObjectInputStream.readObject in the antlr4-maven-plugin’s GrammarDependencies.java, indicating a time-of-check time-of-use issue. The attack is restricted to local execution and requires a high degree of complexi...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5
cve
cve
added 2026/06/28 2:30 p.m.17 views

CVE-2026-13501

The vulnerability CVE-2026-13501 affects ANTLR4 (up to 4.13.2), specifically the GoTarget component within the gofmt tool in GoTarget.java. The issue is a local command-injection exploit caused by manipulation of the GoTarget codegen path. Public disclosure exists, and no vendor response is repor...

5.3CVSS5.6AI score0.00678EPSS
Exploits0References5
debiancve
debiancve
added 2026/06/28 2:15 p.m.6 views

CVE-2026-13500

A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...

7.5CVSS6.8AI score0.00311EPSS
Exploits0
nessus
nessus
added 2026/06/28 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-13502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file...

4.5CVSS5.1AI score0.00091EPSS
Exploits0References3
ossf
ossf
added 2025/08/14 6:52 p.m.4 views

Malicious code in antlr4-graps (npm)

The package antlr4-graps was found to contain malicious code...

7AI score
Exploits0
ossf
ossf
added 2025/08/14 6:52 p.m.6 views

Malicious code in vscode-antlr4 (npm)

The package vscode-antlr4 was found to contain malicious code...

7AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.2 views

MAL-2025-14606 Malicious code in antlr4-graps (npm)

The package antlr4-graps was found to contain malicious code...

7.2AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.4 views

MAL-2025-38650 Malicious code in vscode-antlr4 (npm)

The package vscode-antlr4 was found to contain malicious code...

7.2AI score
Exploits0
openvas
openvas
added 2024/07/10 12:0 a.m.20 views

openSUSE Security Advisory (SUSE-SU-2024:1639-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.3AI score0.01034EPSS
Exploits0References16
osv
osv
added 2024/07/01 4:34 p.m.21 views

SUSE-SU-2024:1639-2 Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict

This update for python-argcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack,...

6.5CVSS7.1AI score0.01034EPSS
Exploits0References9
osv
osv
added 2024/07/01 4:34 p.m.2 views

SUSE-SU-2024:1639-1 Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict

This update for python-argcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack,...

6.5CVSS6.4AI score0.01034EPSS
Exploits0References9
openvas
openvas
added 2024/05/24 12:0 a.m.21 views

openSUSE Security Advisory (SUSE-SU-2024:1639-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.3AI score0.01034EPSS
Exploits0References16
ptsecurity
ptsecurity
added 2024/03/18 12:0 a.m.5 views

PT-2024-40669 · Antlr4 · Antlr4

Name of the Vulnerable Software and Affected Versions: antlr4 affected versions not specified Description: The issue is related to a security exception in the antlr4 library. The crash occurs in the fromRuleContext function of the PredictionContext class and involves the update function of the...

6.9AI score
Exploits0References2
Rows per page
Query Builder