Alvaro Muñoz and Christian Schneider discovered that BeanShell incorrectly handled deserialization. A remote attacker could possibly use this issue to execute arbitrary code.
{ "binaries": [ { "binary_name": "bsh", "binary_version": "2.0b4-15ubuntu0.14.04.1" }, { "binary_name": "bsh-doc", "binary_version": "2.0b4-15ubuntu0.14.04.1" }, { "binary_name": "bsh-src", "binary_version": "2.0b4-15ubuntu0.14.04.1" }, { "binary_name": "libbsh-java", "binary_version": "2.0b4-15ubuntu0.14.04.1" } ], "availability": "No subscription required" }