SUSE CVE-2022-34169
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...
SUSE CVE-2022-42920
Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those...
Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing
An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...
Important: Red Hat Security Advisory: Migration Toolkit for Runtimes security update
An update is now available for Migration Toolkit for Runtimes v1.0.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Amazon Linux 2022 : bcel, bcel-javadoc (ALAS2022-2023-275)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2023-275 advisory. Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitra...
Important: bcel
Issue Overview: Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllab...
bcel security update
6.4.1-9 - Fix arbitrary bytecode produced via out-of-bounds writing - Resolves: CVE-2022-42920...
Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing
An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...
Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing
An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...
RLSA-2023:0005 Important: bcel security update
The Byte Code Engineering Library (Apache Commons BCEL) is intended to give users a convenient way to analyze, create, and manipulate binary Java class files (those ending with .class). Security Fixes: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920) For more...
RHEL 9 : bcel (RHSA-2023:0004)
The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0004 advisory. The Byte Code Engineering Library (Apache Commons BCEL) is intended to give users a convenient way to analyze, create, and manipulate binary Java class...
ALSA-2023:0005 Important: bcel security update
The Byte Code Engineering Library (Apache Commons BCEL) is intended to give users a convenient way to analyze, create, and manipulate binary Java class files (those ending with .class). Security Fixes: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920) For more...
Important: bcel security update
The Byte Code Engineering Library (Apache Commons BCEL) is intended to give users a convenient way to analyze, create, and manipulate binary Java class files (those ending with .class). Security Fixes: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920) For more...
Fedora 36 : bcel (2022-0e358addb8)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-0e358addb8 advisory. Security fix: CVE-2022-42920 bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing Tenable has extracted the preceding description...
bcel security update
0:5.2-19 - Fix arbitrary bytecode produced via out-of-bounds writing - Resolves: CVE-2022-42920...
Important: Red Hat Security Advisory: bcel security update
An update for bcel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing
An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...
Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing
An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...
Oracle Linux 7 : bcel (ELSA-2022-8958)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-8958 advisory. 0:5.2-19 - Fix arbitrary bytecode produced via out-of-bounds writing - Resolves: CVE-2022-42920 Tenable has extracted the preceding description block directly...
SUSE SLES12 Security Update : bcel (SUSE-SU-2022:4331-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4331-1 advisory. - Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an...