VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-fakr-zn3n-e3eh

Essentials
Severities (16)
References (35)
Severity details (15)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-fakr-zn3n-e3eh
Aliases	CVE-2013-2035 GHSA-49j7-qghp-5wj8
Summary	Improper Control of Generation of Code in HawtJNI Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp.
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-94	Improper Control of Generation of Code ('Code Injection')
CWE-377	Insecure Temporary File
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2013-1029.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2013-1784.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2013-1785.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2013-1786.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2014-0029.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2014-0245.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2014-0254.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2014-0400.html
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2015-0034.html
epss	0.00043	https://api.first.org/data/v1/epss?cve=CVE-2013-2035
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2035
generic_textual	MODERATE	https://github.com/fusesource/hawtjni/commit/92c266170ce98edc200c656bd034a237098b8aa5
generic_textual	MODERATE	https://github.com/jline/jline2/issues/85
generic_textual	MODERATE	https://github.com/jruby/jruby/issues/732
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2013-2035
generic_textual	MODERATE	http://www.osvdb.org/93411

Reference id	Reference type	URL
		http://rhn.redhat.com/errata/RHSA-2013-1029.html
		http://rhn.redhat.com/errata/RHSA-2013-1784.html
		http://rhn.redhat.com/errata/RHSA-2013-1785.html
		http://rhn.redhat.com/errata/RHSA-2013-1786.html
		http://rhn.redhat.com/errata/RHSA-2014-0029.html
		http://rhn.redhat.com/errata/RHSA-2014-0245.html
		http://rhn.redhat.com/errata/RHSA-2014-0254.html
		http://rhn.redhat.com/errata/RHSA-2014-0400.html
		http://rhn.redhat.com/errata/RHSA-2015-0034.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2035.json
		https://api.first.org/data/v1/epss?cve=CVE-2013-2035
		https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2035
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2035
		https://github.com/fusesource/hawtjni/commit/92c266170ce98edc200c656bd034a237098b8aa5
		https://github.com/jline/jline2/issues/85
		https://github.com/jruby/jruby/issues/732
		https://nvd.nist.gov/vuln/detail/CVE-2013-2035
		http://www.osvdb.org/93411
708293		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708293
958618		https://bugzilla.redhat.com/show_bug.cgi?id=958618
CVE-2013-2035		https://bugzilla.redhat.com/CVE-2013-2035
RHSA-2013:1029		https://access.redhat.com/errata/RHSA-2013:1029
RHSA-2013:1784		https://access.redhat.com/errata/RHSA-2013:1784
RHSA-2013:1785		https://access.redhat.com/errata/RHSA-2013:1785
RHSA-2013:1786		https://access.redhat.com/errata/RHSA-2013:1786
RHSA-2014:0029		https://access.redhat.com/errata/RHSA-2014:0029
RHSA-2014:0245		https://access.redhat.com/errata/RHSA-2014:0245
RHSA-2014:0254		https://access.redhat.com/errata/RHSA-2014:0254
RHSA-2014:0400		https://access.redhat.com/errata/RHSA-2014:0400
RHSA-2014:0401		https://access.redhat.com/errata/RHSA-2014:0401
RHSA-2014:1290		https://access.redhat.com/errata/RHSA-2014:1290
RHSA-2014:1291		https://access.redhat.com/errata/RHSA-2014:1291
RHSA-2014:1904		https://access.redhat.com/errata/RHSA-2014:1904
RHSA-2014:1995		https://access.redhat.com/errata/RHSA-2014:1995
RHSA-2015:0034		https://access.redhat.com/errata/RHSA-2015:0034

No exploits are available.

Exploit Prediction Scoring System (EPSS)

Percentile	0.13644
EPSS Score	0.00043
Published At	May 29, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-05-29T09:34:48.696489+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-49j7-qghp-5wj8/GHSA-49j7-qghp-5wj8.json	38.6.0