| |
Vulnerability CVE-2022-42920
Published: 2022-11-07
| Description: |
Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0. |
Type:
CWE-787
References: |
https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
