mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
832 lines
31 KiB
JSON
832 lines
31 KiB
JSON
{
|
|
"id": "CVE-2015-3253",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2015-08-13T14:59:02.377",
|
|
"lastModified": "2020-06-24T05:15:11.457",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad en la clase MethodClosure en runtime/MethodClosure.java en Apache Groovy desde la versi\u00f3n 1.7.0 hasta la versi\u00f3n 2.4.3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y causar una denegaci\u00f3n de servicio a trav\u00e9s de un objeto serializado manipulado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV30": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.0",
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 9.8,
|
|
"baseSeverity": "CRITICAL"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-74"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "565A8A62-8F7E-4C3F-934C-F36B9A353D9B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.0:beta_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "15210A74-0E69-4F28-B356-8EA7ED0C3831"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.0:beta_2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1FBE9618-5A18-401C-8D74-0EAA02D31553"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9CA686E1-6384-4F43-8165-31C490909ACE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "94170FFD-A756-4BFC-8900-91E0D64CE6FD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "97DB1B72-ACC3-4C82-A182-F1BD7766B01A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DDA45976-50A3-444F-8693-734CF07D0ED6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8082E398-371E-469E-B699-1B5AB0EEF676"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B7B81590-6C49-48D6-A2E9-BA09B549159F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2D3E726E-1043-4067-8AB4-02A08C52D7C5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "30E267FA-A156-4880-822E-5A34094FC26E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "789D66C8-8B94-4349-830F-D9A6D6C5FF35"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B8AA186A-3061-49E2-996A-3405198BACB3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4118B67D-10CA-4373-ADC5-B7C1AA0B0814"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0A559B2D-6F1B-40C8-A8F8-DC0F272D9C05"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.7.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "607B9E80-F763-4445-8CBE-AB30F81E9F79"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "49B6C53B-12DE-499E-BF11-21E988AE69E3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:beta_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7DB271EE-55C6-420A-A4F3-1FCCC4A1E536"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:beta_2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "534CF3B2-1526-4939-8CA4-73C136139B37"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:beta_3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6FE5ED10-9BE1-497C-BFF5-FB117D470868"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:beta_4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "41E75756-0D5C-497E-9C95-8F89C6CDD0A0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "76050825-9A03-462F-9035-87EDC0E32091"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "41313322-E506-46F2-BB0C-F0F90E9C8F66"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7F9A2859-681A-43DE-8282-F7AE72EC5670"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.0:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7646FEB3-83B2-4951-A3C9-863B4938FB98"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "566A91C5-672E-458D-896C-481E40F116D4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "15F6843B-12C7-4E7D-986B-0EE7098A2BE4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "86911526-4911-4EF4-A5FB-742F2F23C283"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "38620A98-0F48-4BB2-8FEA-D00796713056"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F0EF6781-95D4-4908-A55D-888F694BF468"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BCB846E3-8D81-44B1-8C9A-CF68E93D68ED"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "19503EAB-5637-4075-9A29-892F7395E743"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "96768F0A-E177-471F-8197-EFF56CE0FD17"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.8.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8062ACA3-BEA2-46CC-99C7-F6AE92E4130E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E7F78C79-0F93-4E38-972C-03DEC7CDCDD1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.9.0:beta_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A382D9C5-DE4F-4A0A-8D2E-D5B7CE152A9B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.9.0:beta_3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2E1D3896-B64A-45FA-B861-775D834E8D3C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:1.9.0:beta_4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "94B67066-EDC2-4852-A092-D9E5BD3DAE2D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "34AE23A0-2A65-4E7F-869F-3A41C3F6565B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.0:beta_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5E9B8472-DB38-4EE9-83D0-C4A1DE44EB4C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.0:beta_2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "61F98F74-5405-4E32-B944-9FCD1D744B49"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.0:beta_3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CBD11E3A-C94A-464E-8584-5841872B3E51"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B791A7E8-5DE3-4B76-97F7-218B79E0ADE6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F78F0F9F-6A17-436B-979B-0F2EF00A4860"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D9DFB6E8-7A3D-4F31-AF7C-D35BA2133EE1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.0:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F3E8BFC0-1EF8-4643-84BF-6513A7D36AC6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "16C0C857-A41F-429E-BD7F-16D7CC14A51C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9ABCD368-372F-4B11-932B-25835A5F1166"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "07710AAB-E7D6-4600-AE17-A4B9411F5BD7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2D12AB90-D1A6-4C7B-BEA1-E58D17FE97A9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "37625E89-604B-4752-8A0D-0FCF18087AD9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C5360B48-32BE-4FE4-AE6C-28EF84F47C6D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E2BAA2EA-3C54-498A-A36B-09D6EF699E8F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.0.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "50377CE0-189E-421D-A1C7-AFC7BCBE9853"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "35E15550-2DF5-468D-AE6C-079AFB748ABA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.0:beta_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D37474B0-0EDB-4737-A190-F099AA0EC348"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9BDBE78B-64A5-492C-A86D-1D2987C2C0B4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2DC63DA9-4234-42BE-A76A-4564FA2936E5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "57557B0C-A098-491B-BC71-97B1F3E707E1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "51D24DF2-56FE-426D-925F-BF1D48A6C45A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8393D1C7-BA26-4589-8CF4-4A9C6F2F9436"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E12A9163-017E-40D5-B3B2-DCEF912F3CBD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AE6AB4B1-47F3-4955-A5F8-46870569D2E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "69884871-DE94-481A-B890-8385BA585B98"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A46A0844-9BF9-4D0B-91FA-3D2B979E8F0D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2A898188-E98A-479C-9ED8-3FD9691299CB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1A3C399D-AE93-401C-9BA0-A5D443624CB6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.1.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1C7E3BA4-5E49-4E09-999A-629C36C20E46"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B4DCC641-2C37-4F21-8963-7008C5DA35B3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.2.0:beta_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1BC9559B-A23E-4B08-9E02-49829B2DB9AE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.2.0:beta_2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "526A1F0B-3F77-4A9C-9223-3523C3E2F0E3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.2.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "969A19E4-3AB0-4C59-BDCE-44E853A395C4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.2.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "72927C4F-377E-423A-A687-4036E330436D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.2.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "355D2577-34C8-4756-B7B4-F55B13D65ACA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1D614336-6677-42AD-8CFB-8B61486BFB25"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2C4F207A-48DE-4460-8C53-E34D2E1C3ADE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4BB2F67B-CD0C-458E-A0EA-AF17EF8620BF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.0:beta_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A3688447-B686-4891-844D-327DCDC71284"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.0:beta_2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6E958086-18A5-4F0B-938D-E00634BC117F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B773B2C0-DC4D-4E9B-B484-96C1587CCF2C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "19F1095C-C1A3-427C-8149-BA030F2B3035"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.0:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FC8AEB6E-B8EA-49A2-96A3-CD37A9B32F73"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7C8E8367-DC45-4477-A688-B8962EFECCAA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "58A60CE0-48AB-4FE1-8999-D398CA4F6B6C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8DDD1340-FE0B-49AA-981D-F30FDAC56F90"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CBDDF4CF-A5EE-45AB-9283-67F2AA4630BE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1E5698C9-D5EA-4D7B-A495-BB3179F3D7E9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EEB8ED44-7A1E-4B78-BF54-F596F94909B5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A08181CD-D0C4-4DF4-A0AC-50DD9330F8AA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1531317F-0F79-47CD-9DC7-6683B23E891E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B73D9E09-E5BE-4C75-8C20-91640FC0FA97"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4AA55ECE-FD75-4708-BE4E-6FF599365EB7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.3.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "593D33D0-744A-4DF8-B7D8-A3B85CDF20C2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E02C5676-5F69-4AB9-BFF3-76878DD20EBC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.0:beta_1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8ABF7825-996E-4162-97BA-F3517536A43E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.0:beta_2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "01944C65-F293-4896-9BB7-89A550F452F9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.0:beta_3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9EB1A0ED-7970-47F2-871B-700813F8E57B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.0:beta_4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E7EC503A-A8EB-4C4A-ADBA-303A363F5448"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.0:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C7ED98A3-78BD-4F5E-B35F-13CE90C7C197"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.0:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "030FEF45-5B99-4778-B2DB-1C340F01F8FB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F32F6302-043E-425A-AB23-E298409B243D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "41EFA07D-645A-42BB-B909-D9F95C050F49"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:apache:groovy:2.4.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "82B15E03-7CFA-464D-A7D3-8DAF9FAF25FD"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:health_sciences_clinical_development_center:3.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "25868228-0213-4C06-B4B0-5E504121C96A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:health_sciences_clinical_development_center:3.1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A0B53A9E-1C92-4F07-A68F-86F9EF393268"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5868A1C3-269C-4513-A52A-2BAA524ECA13"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C1805C8F-2487-436C-B1DE-5EBC5687F38E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AA9A5354-415D-44F3-8B59-C2177D1244A1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3B9763AF-282B-40C7-B35C-4CA8C22FDC76"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:13.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5DE85F32-AA14-4932-A265-4163DF0331AC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:13.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B47231C8-15DD-4ABA-86D5-CB6EEF23F587"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:13.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3ACA9AD3-AAFA-439C-8839-62C9977D52BF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:14.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "69334F96-5759-4475-9931-038C98109D53"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "378A6656-252B-4929-83EA-BC107FDFD357"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "363395FA-C296-4B2B-9D6F-BCB8DBE6FACE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:13.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B28BA80D-9179-4A1A-A49B-5F110EF53072"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:14.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "62235B8C-F221-43D5-BA95-D9127D38C28B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:retail_store_inventory_management:14.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C1933509-1BEA-45DA-B6AF-2713B432B1F5"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1BB4709C-6373-43CC-918C-876A6569865A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:oracle:webcenter_sites:12.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E9A1595B-38E3-4444-A7C6-7BF310EF7E69"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://groovy-lang.org/security.html",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Mitigation",
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2016-0066.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/536012/100/0/threaded",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/75919",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/91787",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1034815",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2016:1376",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2017:2486",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://access.redhat.com/errata/RHSA-2017:2596",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://lists.apache.org/thread.html/rbb8e16cc5acab183124572b655bdf5fe1d5b5f477dc267352426c7ed@%3Cnotifications.shardingsphere.apache.org%3E",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://security.gentoo.org/glsa/201610-01",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://security.netapp.com/advisory/ntap-20160623-0001/",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
|
|
"source": "secalert@redhat.com"
|
|
}
|
|
]
|
|
} |