Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 515
Alerts This Week
Warning Icon 1 515

Fedora 44 antlr4-project Important Path Traversal Fix CVE-2026-13503

fedora
Calendar Grey July 19, 2026
Scroller Fedora
An important update for Fedora 44 fixing a path traversal issue in antlr4-project to ensure system integrity.
This update contains a fix for CVE-2026-13503.

Summary

ANTLR (ANother Tool for Language Recognition) is a powerful parser generator

for reading, processing, executing, or translating structured text or binary

files. It is widely used to build languages, tools, and frameworks. From a

grammar, ANTLR generates a parser that can build and walk parse trees.

Update Information:

This update contains a fix for CVE-2026-13503.

Change Log

* Fri Jul 10 2026 Jerry James - 4.13.2-18 - Add patch to fix CVE-2026-13503 * Fri Jul 10 2026 Jerry James - 4.13.2-17 - Drop unused BuildRequires

References


[ 1 ] Bug #2494757 - CVE-2026-13503 ANTLR4: Path traversal via manipulation of getImportedVocabFile function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494757

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-619f648cde' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: antlr4-project
Product: Fedora 44
Version: 4.13.2
Release: 18.fc44
Summary: Parser generator (ANother Tool for Language Recognition)

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.