gsd-2015-7501
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2015-7501", "description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.", "id": "GSD-2015-7501", "references": [ "https://access.redhat.com/errata/RHSA-2020:4274", "https://access.redhat.com/errata/RHSA-2016:1773", "https://access.redhat.com/errata/RHSA-2016:0118", "https://access.redhat.com/errata/RHSA-2016:0040", "https://access.redhat.com/errata/RHSA-2015:2671", "https://access.redhat.com/errata/RHSA-2015:2670", "https://access.redhat.com/errata/RHSA-2015:2579", "https://access.redhat.com/errata/RHSA-2015:2578", "https://access.redhat.com/errata/RHSA-2015:2560", "https://access.redhat.com/errata/RHSA-2015:2559", "https://access.redhat.com/errata/RHSA-2015:2557", "https://access.redhat.com/errata/RHSA-2015:2556", "https://access.redhat.com/errata/RHSA-2015:2548", "https://access.redhat.com/errata/RHSA-2015:2547", "https://access.redhat.com/errata/RHSA-2015:2542", "https://access.redhat.com/errata/RHSA-2015:2541", "https://access.redhat.com/errata/RHSA-2015:2540", "https://access.redhat.com/errata/RHSA-2015:2539", "https://access.redhat.com/errata/RHSA-2015:2538", "https://access.redhat.com/errata/RHSA-2015:2537", "https://access.redhat.com/errata/RHSA-2015:2536", "https://access.redhat.com/errata/RHSA-2015:2535", "https://access.redhat.com/errata/RHSA-2015:2534", "https://access.redhat.com/errata/RHSA-2015:2524", "https://access.redhat.com/errata/RHSA-2015:2523", "https://access.redhat.com/errata/RHSA-2015:2522", "https://access.redhat.com/errata/RHSA-2015:2521", "https://access.redhat.com/errata/RHSA-2015:2517", "https://access.redhat.com/errata/RHSA-2015:2516", "https://access.redhat.com/errata/RHSA-2015:2514", "https://access.redhat.com/errata/RHSA-2015:2502", "https://access.redhat.com/errata/RHSA-2015:2501", "https://access.redhat.com/errata/RHSA-2015:2500", "https://advisories.mageia.org/CVE-2015-7501.html", "https://alas.aws.amazon.com/cve/html/CVE-2015-7501.html", "https://linux.oracle.com/cve/CVE-2015-7501.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2015-7501" ], "details": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.", "id": "GSD-2015-7501", "modified": "2023-12-13T01:20:01.773107Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7501", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2016:0040", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0040.html" }, { "name": "RHSA-2015:2670", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2670.html" }, { "name": "RHSA-2015:2501", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2501.html" }, { "name": "RHSA-2015:2517", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2517.html" }, { "name": "78215", "refsource": "BID", "url": "http://www.securityfocus.com/bid/78215" }, { "name": "1034097", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034097" }, { "name": "RHSA-2015:2671", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2671.html" }, { "name": "1037052", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037052" }, { "name": "1037640", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037640" }, { "name": "RHSA-2015:2522", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2522.html" }, { "name": "RHSA-2015:2521", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2521.html" }, { "name": "RHSA-2015:2516", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2516.html" }, { "name": "RHSA-2015:2500", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2500.html" }, { "name": "RHSA-2015:2514", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2514.html" }, { "name": "RHSA-2015:2502", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2502.html" }, { "name": "RHSA-2015:2536", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2015-2536.html" }, { "name": "RHSA-2016:1773", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html" }, { "name": "RHSA-2015:2524", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2524.html" }, { "name": "1037053", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037053" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1279330", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1279330" }, { "name": "https://access.redhat.com/solutions/2045023", "refsource": "CONFIRM", "url": "https://access.redhat.com/solutions/2045023" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "name": "https://access.redhat.com/security/vulnerabilities/2059393", "refsource": "CONFIRM", "url": "https://access.redhat.com/security/vulnerabilities/2059393" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://security.netapp.com/advisory/ntap-20240216-0010/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20240216-0010/" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "[3-alpha0,3.2.1]", "affected_versions": "All versions starting from 3-alpha0 up to 3.2.1", "cvss_v2": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-502", "CWE-937" ], "date": "2018-10-16", "description": "This package allows code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.", "fixed_versions": [ "3.2.2" ], "identifier": "CVE-2015-7501", "identifiers": [ "CVE-2015-7501" ], "not_impacted": "All versions before 3-alpha0, all versions after 3.2.1", "package_slug": "maven/commons-collections/commons-collections", "pubdate": "2017-11-09", "solution": "Upgrade to version 3.2.2 or above.", "title": "InvokerTransformer code execution during deserialization", "urls": [ "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/" ], "uuid": "764cfde7-c100-4e8f-b3c1-d34169d097c3" }, { "affected_range": "[4.0, 4.1)", "affected_versions": "All versions starting from 4.0", "cvss_v2": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-502", "CWE-937" ], "date": "2018-10-16", "description": "This package allows code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.", "fixed_versions": [ "4.1" ], "identifier": "CVE-2015-7501", "identifiers": [ "CVE-2015-7501" ], "package_slug": "maven/org.apache.commons/commons-collections4", "pubdate": "2017-11-09", "solution": "Upgrade to version 4.1 or above.", "title": "InvokerTransformer code execution during deserialization", "urls": [ "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/" ], "uuid": "eeca8c8a-f685-433b-9358-440982bbac05" } ] }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:data_grid:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D90858CA-996D-4A07-A57A-5E228BBED442", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C4404A-CFB7-4B47-9487-F998825C31CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "7750C45E-4D02-45D5-A3AA-CF024C20AC8D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_data_virtualization:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3257F51A-C847-4251-8B1B-D8DEF11677A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5CDDAFDB-E67A-4795-B2C4-C2D31734ABC8", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E82B2AD8-967D-4ABE-982B-87B9DE73F8D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F5D7F1AD-4BD3-4C37-B6B5-B287464B2EEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CDC2527-97FE-409D-8DD6-78E085CC73C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA0930C5-C483-414C-879D-029FDE8251C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFB8FED0-E0C6-409C-A2D8-B3999265D545", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E2F2F98-DB90-43F6-8F28-3656207B6188", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A305F012-544E-4245-9D69-1C8CD37748B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B78438D-1321-4BF4-AEB1-DAF60D589530", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "C077D692-150C-4AE9-8C0B-7A3EA5EB1100", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:jboss_portal:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5C01A82-F078-4D08-93D0-6318272D3D8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*", "matchCriteriaId": "45690263-84D9-45A1-8C30-3ED2F0F11F47", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:subscription_asset_manager:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6047BC2A-5EDB-458F-BBDB-38C0C3CF4E7C", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:xpaas:3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F58B1F3C-C27D-4387-9164-C3E2E0960A2A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library." }, { "lang": "es", "value": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x y 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x y 5.x; Enterprise Application Platform 6.x, 5.x y 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x y Red Hat Subscription Asset Manager 1.3 permiten que atacantes remotos ejecuten comandos arbitrarios mediante un objeto Java serializado manipulado. Esto est\u00e1 relacionado con la librer\u00eda ACC (Apache Commons Collections)." } ], "id": "CVE-2015-7501", "lastModified": "2024-02-16T13:15:08.013", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-11-09T17:29:00.203", "references": [ { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2500.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2501.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2502.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2514.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2516.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2517.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2521.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2522.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2524.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2670.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-2671.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-0040.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-1773.html" }, { "source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" }, { "source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/78215" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034097" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037052" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037053" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1037640" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/security/vulnerabilities/2059393" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://access.redhat.com/solutions/2045023" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1279330" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2015-2536.html" }, { "source": "secalert@redhat.com", "url": "https://security.netapp.com/advisory/ntap-20240216-0010/" }, { "source": "secalert@redhat.com", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-502" } ], "source": "nvd@nist.gov", "type": "Primary" } ] } } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.