Critical: java-1.8.0-openjdk

🗓️ 26 Apr 2018 00:00:00Reported by AmazonType

amazon

amazon🔗 alas.aws.amazon.com👁 36 Views

Critical: Unbounded memory allocation and deserialization vulnerabilities in Java 1.8.0 openjd

Reporter	Title	Published	Views	Family All 699
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Support Assistant Team Server	10 Sep 201823:05	–	ibm
IBM Security Bulletins	Security Bulletin: Java SE issues disclosed in the Oracle April 2018 Critical Patch Update affects IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation	18 Jun 201801:43	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Host On-Demand	3 Aug 201804:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Conductor with Spark	2 Aug 202108:47	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9 and IBM BigFix Inventory v9	10 Oct 201919:56	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator	20 Jul 201820:55	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM SONAS	1 Nov 201810:40	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM® Java™ SDK and IBM® Java™ Runtime affect IBM® Intelligent Operations Center products	21 Dec 201811:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in the IBM SDK, Java Technology Edition affect IBM Performance Management products	3 Jul 201803:27	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Directory Server	11 Jan 201916:25	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Amazon Linux	2	x86_64	java-1.8.0-openjdk	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-accessibility	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-accessibility-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-accessibility-debug	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-accessibility-debug-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-debug	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-debug-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-debuginfo	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-debuginfo-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-demo	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-demo-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-demo-debug	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-demo-debug-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-devel	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-devel-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-devel-debug	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-devel-debug-1.8.0.171-7.b10.amzn2.x86_64.rpm
Amazon Linux	2	x86_64	java-1.8.0-openjdk-headless	1.8.0.171-7.b10.amzn2	java-1.8.0-openjdk-headless-1.8.0.171-7.b10.amzn2.x86_64.rpm

26 Apr 2018 00:00Current

5.3Medium risk

Vulners AI Score5.3

CVSS 25.1

CVSS 3.15.3 - 8.3

CVSS 34.2

EPSS0.00693

SSVC

critical vulnerability unbounded memory allocation deserialization java se jrockit security partial dos