CVE-2015-3253
Vulnerability from cvelistv5
Published
2015-08-13 14:00
Modified
2024-08-06 05:39
Severity ?
Summary
The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.
References
secalert@redhat.comhttp://groovy-lang.org/security.htmlVendor Advisory
secalert@redhat.comhttp://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.htmlMitigation, Third Party Advisory, VDB Entry
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-0066.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlPatch, Third Party Advisory
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatch, Third Party Advisory
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/536012/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/75919Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.securitytracker.com/id/1034815
secalert@redhat.comhttp://www.zerodayinitiative.com/advisories/ZDI-15-365/Third Party Advisory, VDB Entry
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2016:1376
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:2486
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2017:2596
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
secalert@redhat.comhttps://lists.apache.org/thread.html/rbb8e16cc5acab183124572b655bdf5fe1d5b5f477dc267352426c7ed%40%3Cnotifications.shardingsphere.apache.org%3E
secalert@redhat.comhttps://security.gentoo.org/glsa/201610-01
secalert@redhat.comhttps://security.netapp.com/advisory/ntap-20160623-0001/
secalert@redhat.comhttps://www.oracle.com/security-alerts/cpuapr2020.html
secalert@redhat.comhttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
af854a3a-2127-422b-91ae-364da2661108http://groovy-lang.org/security.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.htmlMitigation, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-0066.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/536012/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/75919Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034815
af854a3a-2127-422b-91ae-364da2661108http://www.zerodayinitiative.com/advisories/ZDI-15-365/Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2016:1376
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2486
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2017:2596
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755
af854a3a-2127-422b-91ae-364da2661108https://lists.apache.org/thread.html/rbb8e16cc5acab183124572b655bdf5fe1d5b5f477dc267352426c7ed%40%3Cnotifications.shardingsphere.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201610-01
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20160623-0001/
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpuapr2020.html
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:39:32.116Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "RHSA-2017:2596",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2596"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "RHSA-2016:1376",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1376"
          },
          {
            "name": "GLSA-201610-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201610-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://groovy-lang.org/security.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20160623-0001/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "RHSA-2016:0066",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-0066.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
          },
          {
            "name": "91787",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"
          },
          {
            "name": "RHSA-2017:2486",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2486"
          },
          {
            "name": "1034815",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034815"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "name": "75919",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75919"
          },
          {
            "name": "20150716 [CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/536012/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          },
          {
            "name": "[shardingsphere-notifications] 20200623 [GitHub] [shardingsphere] liuqiankun93 opened a new issue #6180: The groovy-2.4.5-indy.jar has High-level security risks",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rbb8e16cc5acab183124572b655bdf5fe1d5b5f477dc267352426c7ed%40%3Cnotifications.shardingsphere.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-07-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-24T04:06:18",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "RHSA-2017:2596",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2596"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "name": "RHSA-2016:1376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1376"
        },
        {
          "name": "GLSA-201610-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201610-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://groovy-lang.org/security.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20160623-0001/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "name": "RHSA-2016:0066",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-0066.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
        },
        {
          "name": "91787",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91787"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"
        },
        {
          "name": "RHSA-2017:2486",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2486"
        },
        {
          "name": "1034815",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034815"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
        },
        {
          "name": "75919",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75919"
        },
        {
          "name": "20150716 [CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/536012/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
        },
        {
          "name": "[shardingsphere-notifications] 20200623 [GitHub] [shardingsphere] liuqiankun93 opened a new issue #6180: The groovy-2.4.5-indy.jar has High-level security risks",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rbb8e16cc5acab183124572b655bdf5fe1d5b5f477dc267352426c7ed%40%3Cnotifications.shardingsphere.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2015-3253",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "RHSA-2017:2596",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2596"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
            },
            {
              "name": "RHSA-2016:1376",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1376"
            },
            {
              "name": "GLSA-201610-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201610-01"
            },
            {
              "name": "http://groovy-lang.org/security.html",
              "refsource": "CONFIRM",
              "url": "http://groovy-lang.org/security.html"
            },
            {
              "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
              "refsource": "CONFIRM",
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755"
            },
            {
              "name": "http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20160623-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20160623-0001/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "RHSA-2016:0066",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-0066.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
            },
            {
              "name": "91787",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91787"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-365/"
            },
            {
              "name": "RHSA-2017:2486",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2486"
            },
            {
              "name": "1034815",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034815"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
            },
            {
              "name": "75919",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75919"
            },
            {
              "name": "20150716 [CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/536012/100/0/threaded"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "[shardingsphere-notifications] 20200623 [GitHub] [shardingsphere] liuqiankun93 opened a new issue #6180: The groovy-2.4.5-indy.jar has High-level security risks",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rbb8e16cc5acab183124572b655bdf5fe1d5b5f477dc267352426c7ed@%3Cnotifications.shardingsphere.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-3253",
    "datePublished": "2015-08-13T14:00:00",
    "dateReserved": "2015-04-10T00:00:00",
    "dateUpdated": "2024-08-06T05:39:32.116Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-3253\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-08-13T14:59:02.377\",\"lastModified\":\"2024-11-21T02:29:00.140\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en la clase MethodClosure en runtime/MethodClosure.java en Apache Groovy desde la versi\u00f3n 1.7.0 hasta la versi\u00f3n 2.4.3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario y causar una denegaci\u00f3n de servicio a trav\u00e9s de un objeto serializado manipulado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-74\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"565A8A62-8F7E-4C3F-934C-F36B9A353D9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.0:beta_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"15210A74-0E69-4F28-B356-8EA7ED0C3831\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.0:beta_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FBE9618-5A18-401C-8D74-0EAA02D31553\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CA686E1-6384-4F43-8165-31C490909ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"94170FFD-A756-4BFC-8900-91E0D64CE6FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97DB1B72-ACC3-4C82-A182-F1BD7766B01A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDA45976-50A3-444F-8693-734CF07D0ED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8082E398-371E-469E-B699-1B5AB0EEF676\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7B81590-6C49-48D6-A2E9-BA09B549159F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D3E726E-1043-4067-8AB4-02A08C52D7C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30E267FA-A156-4880-822E-5A34094FC26E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"789D66C8-8B94-4349-830F-D9A6D6C5FF35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8AA186A-3061-49E2-996A-3405198BACB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4118B67D-10CA-4373-ADC5-B7C1AA0B0814\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A559B2D-6F1B-40C8-A8F8-DC0F272D9C05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.7.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"607B9E80-F763-4445-8CBE-AB30F81E9F79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49B6C53B-12DE-499E-BF11-21E988AE69E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:beta_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DB271EE-55C6-420A-A4F3-1FCCC4A1E536\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:beta_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"534CF3B2-1526-4939-8CA4-73C136139B37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:beta_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FE5ED10-9BE1-497C-BFF5-FB117D470868\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:beta_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"41E75756-0D5C-497E-9C95-8F89C6CDD0A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"76050825-9A03-462F-9035-87EDC0E32091\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"41313322-E506-46F2-BB0C-F0F90E9C8F66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F9A2859-681A-43DE-8282-F7AE72EC5670\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7646FEB3-83B2-4951-A3C9-863B4938FB98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"566A91C5-672E-458D-896C-481E40F116D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15F6843B-12C7-4E7D-986B-0EE7098A2BE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86911526-4911-4EF4-A5FB-742F2F23C283\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38620A98-0F48-4BB2-8FEA-D00796713056\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0EF6781-95D4-4908-A55D-888F694BF468\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCB846E3-8D81-44B1-8C9A-CF68E93D68ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19503EAB-5637-4075-9A29-892F7395E743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96768F0A-E177-471F-8197-EFF56CE0FD17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.8.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8062ACA3-BEA2-46CC-99C7-F6AE92E4130E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7F78C79-0F93-4E38-972C-03DEC7CDCDD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.9.0:beta_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A382D9C5-DE4F-4A0A-8D2E-D5B7CE152A9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.9.0:beta_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E1D3896-B64A-45FA-B861-775D834E8D3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:1.9.0:beta_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"94B67066-EDC2-4852-A092-D9E5BD3DAE2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34AE23A0-2A65-4E7F-869F-3A41C3F6565B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.0:beta_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E9B8472-DB38-4EE9-83D0-C4A1DE44EB4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.0:beta_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"61F98F74-5405-4E32-B944-9FCD1D744B49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.0:beta_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBD11E3A-C94A-464E-8584-5841872B3E51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B791A7E8-5DE3-4B76-97F7-218B79E0ADE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F78F0F9F-6A17-436B-979B-0F2EF00A4860\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DFB6E8-7A3D-4F31-AF7C-D35BA2133EE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3E8BFC0-1EF8-4643-84BF-6513A7D36AC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C0C857-A41F-429E-BD7F-16D7CC14A51C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ABCD368-372F-4B11-932B-25835A5F1166\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07710AAB-E7D6-4600-AE17-A4B9411F5BD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D12AB90-D1A6-4C7B-BEA1-E58D17FE97A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37625E89-604B-4752-8A0D-0FCF18087AD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5360B48-32BE-4FE4-AE6C-28EF84F47C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2BAA2EA-3C54-498A-A36B-09D6EF699E8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50377CE0-189E-421D-A1C7-AFC7BCBE9853\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35E15550-2DF5-468D-AE6C-079AFB748ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.0:beta_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D37474B0-0EDB-4737-A190-F099AA0EC348\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BDBE78B-64A5-492C-A86D-1D2987C2C0B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC63DA9-4234-42BE-A76A-4564FA2936E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"57557B0C-A098-491B-BC71-97B1F3E707E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51D24DF2-56FE-426D-925F-BF1D48A6C45A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8393D1C7-BA26-4589-8CF4-4A9C6F2F9436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E12A9163-017E-40D5-B3B2-DCEF912F3CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE6AB4B1-47F3-4955-A5F8-46870569D2E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69884871-DE94-481A-B890-8385BA585B98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A46A0844-9BF9-4D0B-91FA-3D2B979E8F0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A898188-E98A-479C-9ED8-3FD9691299CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A3C399D-AE93-401C-9BA0-A5D443624CB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C7E3BA4-5E49-4E09-999A-629C36C20E46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4DCC641-2C37-4F21-8963-7008C5DA35B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.2.0:beta_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BC9559B-A23E-4B08-9E02-49829B2DB9AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.2.0:beta_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"526A1F0B-3F77-4A9C-9223-3523C3E2F0E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"969A19E4-3AB0-4C59-BDCE-44E853A395C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"72927C4F-377E-423A-A687-4036E330436D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.2.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"355D2577-34C8-4756-B7B4-F55B13D65ACA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D614336-6677-42AD-8CFB-8B61486BFB25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4F207A-48DE-4460-8C53-E34D2E1C3ADE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BB2F67B-CD0C-458E-A0EA-AF17EF8620BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.0:beta_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3688447-B686-4891-844D-327DCDC71284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.0:beta_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E958086-18A5-4F0B-938D-E00634BC117F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B773B2C0-DC4D-4E9B-B484-96C1587CCF2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"19F1095C-C1A3-427C-8149-BA030F2B3035\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC8AEB6E-B8EA-49A2-96A3-CD37A9B32F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C8E8367-DC45-4477-A688-B8962EFECCAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A60CE0-48AB-4FE1-8999-D398CA4F6B6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DDD1340-FE0B-49AA-981D-F30FDAC56F90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBDDF4CF-A5EE-45AB-9283-67F2AA4630BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5698C9-D5EA-4D7B-A495-BB3179F3D7E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEB8ED44-7A1E-4B78-BF54-F596F94909B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A08181CD-D0C4-4DF4-A0AC-50DD9330F8AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1531317F-0F79-47CD-9DC7-6683B23E891E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73D9E09-E5BE-4C75-8C20-91640FC0FA97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AA55ECE-FD75-4708-BE4E-6FF599365EB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"593D33D0-744A-4DF8-B7D8-A3B85CDF20C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E02C5676-5F69-4AB9-BFF3-76878DD20EBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.0:beta_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ABF7825-996E-4162-97BA-F3517536A43E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.0:beta_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"01944C65-F293-4896-9BB7-89A550F452F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.0:beta_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB1A0ED-7970-47F2-871B-700813F8E57B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.0:beta_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7EC503A-A8EB-4C4A-ADBA-303A363F5448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7ED98A3-78BD-4F5E-B35F-13CE90C7C197\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"030FEF45-5B99-4778-B2DB-1C340F01F8FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F32F6302-043E-425A-AB23-E298409B243D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41EFA07D-645A-42BB-B909-D9F95C050F49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:groovy:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82B15E03-7CFA-464D-A7D3-8DAF9FAF25FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_clinical_development_center:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25868228-0213-4C06-B4B0-5E504121C96A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:health_sciences_clinical_development_center:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0B53A9E-1C92-4F07-A68F-86F9EF393268\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker_cloud_service:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5868A1C3-269C-4513-A52A-2BAA524ECA13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1805C8F-2487-436C-B1DE-5EBC5687F38E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA9A5354-415D-44F3-8B59-C2177D1244A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9763AF-282B-40C7-B35C-4CA8C22FDC76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DE85F32-AA14-4932-A265-4163DF0331AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B47231C8-15DD-4ABA-86D5-CB6EEF23F587\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ACA9AD3-AAFA-439C-8839-62C9977D52BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69334F96-5759-4475-9931-038C98109D53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"378A6656-252B-4929-83EA-BC107FDFD357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"363395FA-C296-4B2B-9D6F-BCB8DBE6FACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B28BA80D-9179-4A1A-A49B-5F110EF53072\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62235B8C-F221-43D5-BA95-D9127D38C28B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_store_inventory_management:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1933509-1BEA-45DA-B6AF-2713B432B1F5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BB4709C-6373-43CC-918C-876A6569865A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_sites:12.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9A1595B-38E3-4444-A7C6-7BF310EF7E69\"}]}]}],\"references\":[{\"url\":\"http://groovy-lang.org/security.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0066.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/536012/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/75919\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/91787\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1034815\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-15-365/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1376\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2486\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2596\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/rbb8e16cc5acab183124572b655bdf5fe1d5b5f477dc267352426c7ed%40%3Cnotifications.shardingsphere.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.gentoo.org/glsa/201610-01\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20160623-0001/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://groovy-lang.org/security.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0066.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/536012/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/75919\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/91787\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1034815\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-15-365/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1376\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2486\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2596\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rbb8e16cc5acab183124572b655bdf5fe1d5b5f477dc267352426c7ed%40%3Cnotifications.shardingsphere.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201610-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20160623-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.