漏洞信息详情

Apache Groovy 代码问题漏洞

  • CNNVD编号:CNNVD-201701-385
  • 危害等级: 超危
  • CVE编号: CVE-2016-6814
  • 漏洞类型: 代码问题
  • 发布时间: 2017-01-17
  • 威胁类型: 远程
  • 更新时间: 2020-07-16
  • 厂        商: apache
  • 漏洞来源: Sam Thomas of Pent...

漏洞简介

Apache Groovy是美国阿帕奇(Apache)软件基金会的一种基于Java平台面向对象的编程语言,它结合了Python、Ruby和Smalltalk的许多强大的特性。

Apache Groovy 2.4.4版本至2.4.7版本和1.7.0版本至2.4.3版本中存在远程代码执行漏洞。攻击者可通过制作序列化对象利用该漏洞在用户运行的受影响应用程序上下文中执行任意代码,造成拒绝服务。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E

参考网址

来源:www.oracle.com

链接:https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

来源:www.oracle.com

链接:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

来源:www.oracle.com

链接:https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

来源:www.oracle.com

链接:https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

来源:www.oracle.com

链接:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

来源:incubator.apache.org

链接:http://incubator.apache.org/projects/groovy.html

来源:groovy-lang.org

链接:http://groovy-lang.org/security.html

来源:MISC

链接:https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

来源:REDHAT

链接:http://rhn.redhat.com/errata/RHSA-2017-0272.html

来源:GENTOO

链接:https://security.gentoo.org/glsa/202003-01

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2017:0868

来源:BID

链接:https://www.securityfocus.com/bid/95429

来源:MISC

链接:http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E

来源:www.oracle.com

链接:https://www.oracle.com/security-alerts/cpujan2020.html

来源:SECTRACK

链接:http://www.securitytracker.com/id/1039600

来源:CONFIRM

链接:http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

来源:CONFIRM

链接:http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2017:2486

来源:REDHAT

链接:https://access.redhat.com/errata/RHSA-2017:2596

来源:MISC

链接:https://www.oracle.com/security-alerts/cpujul2020.html

来源:www.oracle.com

链接:https://www.oracle.com/technetwork/security-advisory/cpuoct2019verbose-5072833.html

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/156702/Gentoo-Linux-Security-Advisory-202003-01.html

来源:www.oracle.com

链接:https://www.oracle.com/security-alerts/cpujul2020.html

来源:www.securityfocus.com

链接:https://www.securityfocus.com/bid/95429

来源:www.oracle.com

链接:https://www.oracle.com/security-alerts/cpujan2020verbose.html

漏洞信息快速查询

相关漏洞

更多