16 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-17521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was...
Security Bulletin: Multiple vulnerabilities of Apache Groovy (groovy-all-2.3.11.jar) have affected APM JBoss and APM WebLogic Agent [CVE-202-17521, CVE-2016-6814, CVE-2015-3253]
Summary APM JBoss and APM WebLogic Agents are vulnerable to Apache Groovygroovy-all-2.3.11.jar. CVE-2020-17521, CVE-2016-6814, CVE-2015-3253 The fix includes groovy-all-2.3.11.jar upgraded to groovy-all-2.5.21.jar. Vulnerability Details CVEID:CVE-2020-17521 DESCRIPTION: Apache Groovy could allow ...
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Apache Groovy
Summary Vulnerabilities in Apache Groovy such as remote attacker executing arbitrary code on the system, allowing a local authenticated attacker to obtain sensitive information, may affect IBM Spectrum Control. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2015-3253...
SUSE CVE-2020-17521
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the...
Security Bulletin: CVE-2020-17521 Apache Groovy's provided extension methods to aid with creating temporary directories was using a now superseded Java JDK method call that is potentiallly not secure in some situations.
Summary Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Vulnerabili...
Moderate: Red Hat Security Advisory: Red Hat Integration Camel Quarkus Tech-Preview 2 security update
An update to the Red Hat Integration Camel Quarkus tech preview is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability...
Moderate: Red Hat Security Advisory: Red Hat Integration Camel-K 1.4 release and security update
A minor version update from 1.3 to 1.4 is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a...
Oracle Primavera Gateway (Apr 2021 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.2.x, 17.12.x prior to 17.12.11. It is, therefore, affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - Vulnerability in the Primavera Gateway...
Oracle Primavera Unifier (Apr 2021 CPU)
According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote host is 16.x prior to 16.2.16.5 or 17.x prior to 17.12.11.7 or 18.8.x prior to 18.8.18.4 or 19.12.x prior to 19.12.14 or 20.12.x prior to 20.12.4. It is, therefore, affected by multiple...
Security update for groovy (moderate)
openSUSE Security Update: Security update for groovy Announcement ID: openSUSE-SU-2020:2367-1 Rating: moderate References: 1179729 Cross-References: CVE-2020-17521 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for groovy...
au.com.dius.pact.consumer:groovy (>=4.1.0 <=4.2.21), au.com.dius:pact-jvm-consumer-groovy (>=4.0.7 <=4.0.10) +843 more potentially affected by CVE-2020-17521 via org.codehaus.groovy:groovy (>=2.5.0 <=2.5.13)
org.codehaus.groovy:groovy MAVEN version =2.5.0, =4.1.0, =4.0.7, =2.2.1, =3.0.0, =0.9.0, =3.1.174, =8.1.0.371, =8.1.0.304, =8.1.0.371, =8.1.0.516, =8.1.0.304, =8.1.0.578.187 and more Source cves: CVE-2020-17521 Source advisory: OSV:GHSA-RCJJ-H6GH-JF3R...
ch.exense.step:step-automation-packages-client (>=3.24.1 <=3.29.5), ch.exense.step:step-automation-packages-controller (>=3.24.1 <=3.29.5) +433 more potentially affected by CVE-2020-17521 via org.codehaus.groovy:groovy-all (>=3.0.0 <=3.0.6)
org.codehaus.groovy:groovy-all MAVEN version =3.0.0, =3.24.1, =3.24.1, =3.24.1, =3.27.0, =3.27.0, =3.24.1, =3.24.1, =3.24.1, =3.24.1, =3.24.1, =3.26.0, =3.26.0, =3.22.0, =3.20.0, =3.20.0, =3.29.5 and more Source cves: CVE-2020-17521 Source advisory: OSV:GHSA-RCJJ-H6GH-JF3R...
cn.ibizlab.plugin:ibiz-cloud-ai-baichuanai (>=8.1.0.371 <=8.1.0.578.187), cn.ibizlab.plugin:ibiz-cloud-ai-core (>=8.1.0.304 <=8.1.0.578.187) +438 more potentially affected by CVE-2020-17521 via org.codehaus.groovy:groovy-all (>=2.5.0 <=2.5.13)
org.codehaus.groovy:groovy-all MAVEN version =2.5.0, =8.1.0.371, =8.1.0.304, =8.1.0.371, =8.1.0.516, =8.1.0.304, =8.1.0.286, =8.1.0.286, =8.1.0.371, =8.1.0.371, =8.1.0.286, =8.1.0.286, =8.1.0.371, =8.1.0.286, =8.1.0.286, =8.1.0.286, =8.1.0.567.22 and more Source cves: CVE-2020-17521 Source...
app.ariadust.dendrobium:app.ariadust.dendrobium.gradle.plugin (>=1.0.0 <=1.0.4), aspectj.AspectjGradlePlugin:aspectj.AspectjGradlePlugin.gradle.plugin (>=0.0.2 <=0.0.3) +3232 more potentially affected by CVE-2020-17521 via org.codehaus.groovy:groovy-all (>=2.0.0 <=2.4.20)
org.codehaus.groovy:groovy-all MAVEN version =2.0.0, =1.0.0, =0.0.2, =0.2.DEV, =0.2.DEV, =2.1.10, =2.0.0, =2.0.0, =3.5.4-rc.0, =3.5.9, =3.5.9, =3.5.15, =3.5.15, =3.6.0-rc.1 - au.com.dius:pact-jvm-consumer-junit2.10 =2.4.20 and more Source cves: CVE-2020-17521 Source advisory: OSV:GHSA-RCJJ-H6GH-J...
0x.plugin.bom:zero-x-plugin-bom (>=0.0.10 <=1.1.0), app.ariadust.dendrobium:app.ariadust.dendrobium.gradle.plugin (>=1.0.0 <=1.0.4) +3620 more potentially affected by CVE-2020-17521 via org.codehaus.groovy:groovy (>=3.0.0 <=3.0.6)
org.codehaus.groovy:groovy MAVEN version =3.0.0, =0.0.10, =1.0.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.0.6, =4.1.0, =4.3.19 - au.com.dius:pact-jvm-consumer-groovy =4.0.6 and more Source cves: CVE-2020-17521 Source advisory: OSV:GHSA-RCJJ-H6GH-JF3R...
CVE-2020-17521
CVE-2020-17521 affects Apache Groovy extension methods that handle temporary directory creation. The root cause is a race condition in Groovy’s implementation, which previously called a now-superseded Java JDK method; this could allow a local attacker to obtain sensitive information. Affected ver...