{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-42920", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "dateUpdated": "2024-08-03T13:19:05.457Z", "dateReserved": "2022-10-14T00:00:00", "datePublished": "2022-11-07T00:00:00"}, "containers": {"cna": {"title": "Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-01-17T15:06:37.552203"}, "descriptions": [{"lang": "en", "value": "Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0."}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Commons BCEL", "versions": [{"version": "Apache Commons BCEL", "status": "affected", "lessThan": "6.6.0", "versionType": "custom"}]}], "references": [{"url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"}, {"name": "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2"}, {"name": "FEDORA-2022-01a56f581c", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/"}, {"name": "FEDORA-2022-0e358addb8", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/"}, {"name": "FEDORA-2022-f60a52e054", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/"}, {"name": "GLSA-202401-25", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202401-25"}], "credits": [{"lang": "en", "value": "Reported by Felix Wilhelm (Google); GitHub pull request to Apache Commons BCEL #147 by Richard Atkins (https://github.com/rjatkins); PR derived from OpenJDK (https://github.com/openjdk/jdk11u/) commit 13bf52c8d876528a43be7cb77a1f452d29a21492 by Aleksei Voitylov and RealCLanger (Christoph Langer https://github.com/RealCLanger)"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-787 Out-of-bounds Write", "cweId": "CWE-787"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"defect": ["BCEL-363"], "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:19:05.457Z"}, "title": "CVE Program Container", "references": [{"url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4", "tags": ["x_transferred"]}, {"name": "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2"}, {"name": "FEDORA-2022-01a56f581c", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/"}, {"name": "FEDORA-2022-0e358addb8", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/"}, {"name": "FEDORA-2022-f60a52e054", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/"}, {"name": "GLSA-202401-25", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202401-25"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:commons_bcel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EDE5588-DA3A-40CD-8AD3-D35652C1FD2D", "versionEndExcluding": "6.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0."}, {"lang": "es", "value": "Apache Commons BCEL tiene una serie de API que normalmente solo permitir\u00edan cambiar caracter\u00edsticas de clase espec\u00edficas. Sin embargo, debido a un problema de escritura fuera de l\u00edmites, estas API se pueden utilizar para producir c\u00f3digo de bytes arbitrario. Se podr\u00eda abusar de esto en aplicaciones que pasan datos controlables por el atacante a esas API, lo que le da al atacante m\u00e1s control sobre el c\u00f3digo de bytes resultante del que se esperar\u00eda. Actualizaci\u00f3n a Apache Commons BCEL 6.6.0."}], "id": "CVE-2022-42920", "lastModified": "2024-11-21T07:25:35.887", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-11-07T13:15:10.270", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2"}, {"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"}, {"source": "security@apache.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/"}, {"source": "security@apache.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/"}, {"source": "security@apache.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/"}, {"source": "security@apache.org", "url": "https://security.gentoo.org/glsa/202401-25"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202401-25"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "security@apache.org", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:0470", "cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", "package": "mtr/mtr-operator-bundle:1.0-30", "product_name": "Migration Toolkit for Runtimes 1 on RHEL 8", "release_date": "2023-01-26T00:00:00Z"}, {"advisory": "RHSA-2023:0470", "cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", "package": "mtr/mtr-rhel8-operator:1.0-10", "product_name": "Migration Toolkit for Runtimes 1 on RHEL 8", "release_date": "2023-01-26T00:00:00Z"}, {"advisory": "RHSA-2023:0470", "cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", "package": "mtr/mtr-web-container-rhel8:1.0-15", "product_name": "Migration Toolkit for Runtimes 1 on RHEL 8", "release_date": "2023-01-26T00:00:00Z"}, {"advisory": "RHSA-2023:0470", "cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", "package": "mtr/mtr-web-executor-container-rhel8:1.0-14", "product_name": "Migration Toolkit for Runtimes 1 on RHEL 8", "release_date": "2023-01-26T00:00:00Z"}, {"advisory": "RHSA-2023:0471", "cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", "package": "org.jboss.windup-windup-parent", "product_name": "Migration Toolkit for Runtimes 1 on RHEL 8", "release_date": "2023-01-26T00:00:00Z"}, {"advisory": "RHSA-2023:0934", "cpe": "cpe:/a:redhat:migration_toolkit_applications:6.0::el8", "package": "mta/mta-ui-rhel8:6.0.1-10", "product_name": "MTA-6.0-RHEL-8", "release_date": "2023-02-28T00:00:00Z"}, {"advisory": "RHSA-2024:3527", "cpe": "cpe:/a:redhat:amq_streams:2", "product_name": "Red Hat AMQ Streams 2.7.0", "release_date": "2024-05-30T00:00:00Z"}, {"advisory": "RHSA-2022:8958", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "bcel-0:5.2-19.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-12-13T00:00:00Z"}, {"advisory": "RHSA-2023:0005", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "bcel-0:6.4.1-9.el9_1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-01-02T00:00:00Z"}, {"advisory": "RHSA-2023:0004", "cpe": "cpe:/a:redhat:rhel_eus:9.0", "package": "bcel-0:6.4.1-9.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date": "2023-01-02T00:00:00Z"}, {"advisory": "RHSA-2023:3954", "cpe": "cpe:/a:redhat:jboss_fuse:7", "impact": "moderate", "package": "apache-bcel", "product_name": "Red Hat Fuse 7.12", "release_date": "2023-06-29T00:00:00Z"}, {"advisory": "RHSA-2022:8959", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "package": "rh-maven36-bcel-0:6.3.1-2.3.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2022-12-13T00:00:00Z"}, {"advisory": "RHSA-2023:4983", "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13", "package": "apache-bcel", "product_name": "RHPAM 7.13.4 async", "release_date": "2023-09-05T00:00:00Z"}], "bugzilla": {"description": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing", "id": "2142707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-787", "details": ["Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0.", "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected."], "name": "CVE-2022-42920", "package_state": [{"cpe": "cpe:/a:redhat:migration_toolkit_applications:6", "fix_state": "Affected", "package_name": "org.jboss.windup-windup-cli-parent", "product_name": "Migration Toolkit for Applications 6"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "org.jboss.windup.plugin-windup-maven-plugin", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "org.jboss.windup.plugin-windup-maven-plugin-parent", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "org.jboss.windup.rules-windup-rulesets", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "org.jboss.windup.rules-windup-rulesets-parent", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "org.jboss.windup.web-windup-web-parent", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "org.jboss.windup-windup-cli-parent", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "apache-bcel", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "apache-bcel", "product_name": "Red Hat Integration Camel K 1"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "apache-bcel", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "apache-bcel", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "impact": "low", "package_name": "apache-bcel", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "apache-bcel", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "apache-bcel", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Out of support scope", "package_name": "apache-bcel", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Affected", "package_name": "apache-bcel", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2022-11-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-42920\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-42920\nhttps://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4"], "statement": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.", "threat_severity": "Important"}