Metrics
Affected Vendors & Products
Tue, 30 Jun 2026 12:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Mon, 29 Jun 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sun, 28 Jun 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
| Title | antlr ANTLR4 tokenVocab Grammar Option TokenVocabParser.java getImportedVocabFile path traversal | |
| First Time appeared |
Antlr
Antlr antlr4 |
|
| Weaknesses | CWE-22 | |
| CPEs | cpe:2.3:a:antlr:antlr4:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Antlr
Antlr antlr4 |
|
| References |
| |
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2026-06-28T15:15:07.671Z
Updated: 2026-06-29T13:11:20.305Z
Reserved: 2026-06-27T18:28:07.035Z
Link: CVE-2026-13503
Updated: 2026-06-29T13:11:17.103Z
No data.