org.fusesource.hawtjni:hawtjni-runtime@1.3 vulnerabilities

latest version

1.18

latest non vulnerable version

1.18

first published

15 years ago

latest version published

4 years ago

licenses detected

(Apache-2.0 OR EPL-1.0)
[1.0,)

package registry

View on Maven Central Repository

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the org.fusesource.hawtjni:hawtjni-runtime package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Arbitrary Code Injection org.fusesource.hawtjni:hawtjni-runtime is a JNI code generator based on the JNI generator used by the eclipse SWT project. Affected versions of this package are vulnerable to Arbitrary Code Injection in `hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in`. When a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp. How to fix Arbitrary Code Injection? Upgrade `org.fusesource.hawtjni:hawtjni-runtime` to version 1.8 or higher.	[,1.8)

Arbitrary Code Injection

org.fusesource.hawtjni:hawtjni-runtime is a JNI code generator based on the JNI generator used by the eclipse SWT project.

Affected versions of this package are vulnerable to Arbitrary Code Injection in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in. When a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp.

How to fix Arbitrary Code Injection?

Upgrade org.fusesource.hawtjni:hawtjni-runtime to version 1.8 or higher.

[,1.8)

Go back to all versions of this package