51 matches found
MiracleLinux 7 : bcel-5.2-19.0.1.el7.AXS7 (AXSA:2022-4486:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4486:01 advisory. Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing CVE-2022-42920 Tenable has extracted the preceding description block directly from...
Security Bulletin: Due to use of Business Automation Workflow, Cloud Pak System is affected by out-of-bounds write vulnerability [CVE-2022-42920]
Summary IBM Business Automation Workflow is shipped as IBM Business Automation Workflow Pattern Type pType of IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL has a number of APIs that would normally only allow changing specific class...
TencentOS Server 2: bcel (TSSA-2022:0287)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0287 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons BCEL
Summary SPSS Collaboration and Deployment Services is affected by vulnerability in Apache Commons BCEL. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions,...
Security Bulletin: Security vulnerability affect IBM Business Automation Workflow - CVE-2022-42920
Summary IBM Business Automation Workflow packages a vulnerable copy of Apache BCEL in an OSGi bundle. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds write flaw in the APIs. By...
Ubuntu: Security Advisory (USN-7208-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : bcel (2022-01a56f581c)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-01a56f581c advisory. Security fix: CVE-2022-42920 bcel: Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing Tenable has extracted the preceding description...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.7.0 release and security update
Red Hat AMQ Streams 2.7.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Oracle Application Testing Suite (April 2024 CPU)
The versions of Oracle Application Testing Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory: - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps...
Security Bulletin: IBM Sterling B2B Integrator vulnerable to security bypass due to Apache Commons BCEL (CVE-2022-42920)
Summary IBM Sterling B2B Integrator uses Apache Commons BCEL. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an...
CentOS 9 : bcel-6.4.1-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the bcel-6.4.1-9.el9 build changelog. - Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds...
Rocky Linux 9 : bcel (RLSA-2023:0005)
The remote Rocky Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2023:0005 advisory. - Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue...
Vulnerabilities fixed in Oracle Communications Applications
Vulnerabilities have been fixed in Oracle Communications Applications products. A malicious party could exploit them to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data Acce...
Oracle WebLogic Server (October 2023 CPU)
The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the October 2023 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities, including: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware...
CentOS: Security Advisory for bcel (CESA-2022:8958)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : bcel (RHSA-2022:8958)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8958 advisory. - Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issu...
Security Bulletin: There is a vulnerability in Apache Commons BCEL used by IBM Maximo Asset Management (CVE-2022-42920)
Summary There is a vulnerability in Apache Commons BCEL used by IBM Maximo Asset Management. Vulnerability Details CVEID:CVE-2022-42920 DESCRIPTION: Apache Commons BCEL could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds write flaw in the APIs. By sending a...
Huawei EulerOS: Security Advisory for bcel (EulerOS-SA-2023-2137)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : bcel (EulerOS-SA-2023-2137)
According to the versions of the bcel package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds...
Important: bcel
Issue Overview: Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllab...