110 matches found
Astra Linux - уязвимость в bcel
Apache Commons BCEL includes several APIs that typically only allow modifying specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to generate arbitrary bytecode. This could lead to abuse in applications that send attacker-controllable data to tho...
MiracleLinux 7 : bcel-5.2-19.0.1.el7.AXS7 (AXSA:2022-4486:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4486:01 advisory. Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing CVE-2022-42920 Tenable has extracted the preceding description block directly from...
MiracleLinux 9 : bcel-6.4.1-9.el9 (AXSA:2023-4861:01)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-4861:01 advisory. Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing CVE-2022-42920 Tenable has extracted the preceding description block directly from...
TencentOS Server 2: bcel (TSSA-2022:0287)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0287 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons BCEL
Summary SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons BCEL. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions,...
Security Bulletin: Security vulnerability affect IBM Business Automation Workflow - CVE-2022-42920
Summary IBM Business Automation Workflow packages a vulnerable copy of Apache BCEL in an OSGi bundle. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds write flaw in the APIs. By...
Ubuntu: Security Advisory (USN-7208-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Apache Commons BCEL vulnerability (USN-7208-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7208-1 advisory. Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker...
USN-7208-1 bcel vulnerability
Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker supplying malicious input could exploit this to generate and execute arbitrary bytecode...
USN-7208-1: Apache Commons BCEL vulnerability
Felix Wilhelm discovered that Apache Commons BCEL APIs incorrectly handled parameters due to a memory issue. An attacker supplying malicious input could exploit this to generate and execute arbitrary bytecode...
Fedora 37 : bcel (2022-01a56f581c)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-01a56f581c advisory. Security fix: CVE-2022-42920 bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing Tenable has extracted the preceding description...
SUSE-RU-2024:3971-1 Recommended update for mojo-parent
This update for mojo-parent fixes the following issues: xalan-j2 was updated from version 2.7.2 to 2.7.3: - Security issues fixed: CVE-2022-34169: Fixed integer truncation issue when processing malicious XSLT stylesheets bsc1201684 - Changes and Bugs fixed: Java 8 is now the minimum requirement...
RHSA-2023:0004 Red Hat Security Advisory: bcel security update
Bulletin has no description...
RHSA-2023:0005 Red Hat Security Advisory: bcel security update
Bulletin has no description...
RHSA-2022:8958 Red Hat Security Advisory: bcel security update
Bulletin has no description...
RHSA-2022:8959 Red Hat Security Advisory: rh-maven36-bcel security update
Bulletin has no description...
ROS-20240806-03
A vulnerability in the Java Apache Commons BCEL bytecode processing library is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to execute an arbitrary code...
OPENSUSE-SU-2024:12530-1 bcel-5.2-37.1 on GA media
These are all security issues fixed in the bcel-5.2-37.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:12498-1 bcel5_3-5.3-21.1 on GA media
These are all security issues fixed in the bcel53-5.3-21.1 package on the GA media of openSUSE Tumbleweed...
Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing
An out-of-bounds OOB write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected...