CVE-2013-2035: Code Injection

August 28, 2013 (updated January 17, 2015)

Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp.

References

bugzilla.redhat.com/CVE-2013-2035

Detect and mitigate CVE-2013-2035 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →