26 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial o...
Security Bulletin: Multiple vulnerabilities of Apache Groovy (groovy-all-2.3.11.jar) have affected APM JBoss and APM WebLogic Agent [CVE-202-17521, CVE-2016-6814, CVE-2015-3253]
Summary APM JBoss and APM WebLogic Agents are vulnerable to Apache Groovygroovy-all-2.3.11.jar. CVE-2020-17521, CVE-2016-6814, CVE-2015-3253 The fix includes groovy-all-2.3.11.jar upgraded to groovy-all-2.5.21.jar. Vulnerability Details CVEID:CVE-2020-17521 DESCRIPTION: Apache Groovy could allow ...
Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related to Apache Groovy
Summary Vulnerabilities in Apache Groovy such as remote attacker executing arbitrary code on the system, allowing a local authenticated attacker to obtain sensitive information, may affect IBM Spectrum Control. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2015-3253...
ai.grakn.kgms:client (=1.4.3), ai.grakn:client-java (>=1.3.0 <=1.4.3) +2444 more potentially affected by CVE-2015-3253 via org.codehaus.groovy:groovy (>=1.7.0 <=2.4.3)
org.codehaus.groovy:groovy MAVEN version =1.7.0, =1.3.0, =1.1.0, =1.0.0, =1.4.1, =0.17.0, =1.4.1, =1.0.0, =1.0.0, =1.2.0, =0.17.0, =0.17.0, =1.0.0, =1.0.0, =1.0.0, =v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744 and more Source cves: CVE-2015-3253https://vulners.com/cve/...
Security Bulletin: Vulnerabilities in Apache Commons Collections and Apache Groovy affects IBM UrbanCode Build (CVE-2015-7450, CVE-2015-3253)
Summary Apache Commons Collections and Apache Groovy vulnerabilities for handling Java object deserialization were addressed by IBM UrbanCode Build Vulnerability Details CVE-ID: CVE-2015-7450 Description: Apache Commons Collections could allow a remote attacker to execute arbitrary code on the...
Security Bulletin: Vulnerability in Apache Groovy that could affect IBM Development Package for Apache Spark (CVE-2015-3253)
Summary Apache Groovy™ could allow a remote attacker to run arbitrary, untrusted code on the system. Vulnerability Details CVEID: CVE-2015-3253 DESCRIPTION: Apache Groovy could allow a remote attacker to run arbitrary, untrusted code on the system. This issue is caused by the failure to isolate...
Design/Logic Flaw
DISPUTED Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors involving the transport protocol. NOTE: ZDI appears to claim that CVE-2015-3253 and CVE-2015-5377 are the same vulnerability...
Updated groovy18 packages fix security vulnerability
When an application has Groovy on the classpath and that it uses standard Java serialization mechanism to communicate between servers, or to store local data, it is possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications whi...
Important: Red Hat Security Advisory: rh-maven33-groovy security update
An update for rh-maven33-groovy is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Fedora Update for groovy18 FEDORA-2017-6a0389a6a7
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : groovy18 (2017-9899aba20e)
Fix remote code execution vulnerability Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
FreeBSD : groovy -- remote execution of untrusted code/DoS vulnerability (4af92a40-db33-11e6-ae1b-002590263bf5)
The Apache Groovy project reports : When an application with Groovy on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it is possible for an attacker to bake a special serialized object that will execute code directly when...
Xstream Deserializable Vulnerablity And Groovy(CVE-2 0 1 5-3 2 5 3-a vulnerability warning-the black bar safety net
The sequence of issues looks like in the recent outbreak of very frequently, recently there are friends asking me about this two-day outbreak of Xstream build deserialization vulnerabilities, the company recently very busy, but catch up on the weekend just take the time to see, in fact, this time...
Critical: Red Hat Security Advisory: Red Hat JBoss Operations Network 3.3.5 update
Red Hat JBoss Operations Network 3.3 update 5, which fixes two security issues and several bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives...
Moderate: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.2.0 security update
Red Hat JBoss Data Virtualization 6.2.0 update 2, which fixes one security issue and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...
Important: Red Hat Security Advisory: Red Hat JBoss Fuse 6.2.1 update
Red Hat JBoss Fuse 6.2.1, which fixes three security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...
Important: Red Hat Security Advisory: Red Hat JBoss A-MQ 6.2.1 update
Red Hat JBoss A-MQ 6.2.1, which fixes three security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores,...
Important: Red Hat Security Advisory: Red Hat JBoss Fuse Service Works 6.2.1 update
Red Hat JBoss Fuse Service Works 6.2.1, which fixes three security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Mageia: Security Advisory (MGASA-2015-0296)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : groovy-2.4.0-2.fc22 (2015-15907)
Fixes CVE-2015-3253 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...