Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs.

Affected Products

Brocade SANnav versions before v2.2.0.2

cnvd 1

prion 1

ibm 47

osv 9

cve 1

alpinelinux 1

veracode 1

ubuntucve 1

debiancve 1

cbl_mariner 1

redhatcve 1

openvas 21

f5 1

rosalinux 1

nessus 48

kaspersky 1

suse 3

oraclelinux 3

amazon 2

rocky 4

fedora 4

altlinux 1

almalinux 2

debian 2

redhat 14

ubuntu 2

centos 1

broadcom 1

gentoo 1

photon 1

oracle 1

cnvd

Oracle GraalVM Input Validation Error Vulnerability (CNVD-2022-15475)

2022-01-24 00:00:00

prion

Buffer overflow

2022-01-19 12:15:00

ibm

Security Bulletin: A vulnerability in IBM JAVA JDK affects IBM Spectrum Scale packaged in IBM Elastic Storage System (CVE-2022-21291)

2022-05-23 13:09:27

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to an unspecified vulnerability in Java SE ( CVE-2022-21291)

2022-05-07 22:09:51

Security Bulletin: Vulnerability in IBM JAVA JDK affects IBM Spectrum Scale (CVE-2022-21291)

2022-05-02 12:17:03

osv

CVE-2022-21291

2022-01-19 12:15:12

openjdk-17 - security update

2022-01-25 00:00:00

openjdk-11 - security update

2022-01-24 00:00:00

cve

CVE-2022-21291

2022-01-19 12:15:00

alpinelinux

CVE-2022-21291

2022-01-19 12:15:00

veracode

Remote Code Execution (RCE)

2022-01-29 17:13:33

ubuntucve

CVE-2022-21291

2022-01-19 00:00:00

debiancve

CVE-2022-21291

2022-01-19 12:15:00

cbl_mariner

CVE-2022-21291 affecting package openjdk8 1.8.0.292-1

2022-03-10 23:47:38

redhatcve

CVE-2022-21291

2022-01-18 21:50:06

openvas

Oracle OpenJDK 11, 13, 15, 17 Multiple Vulnerabilities (Jan 2022)

2022-01-19 00:00:00

Oracle Java SE Security Update (jan2022) 02 - Windows

2022-01-19 00:00:00

Oracle Java SE Security Update (jan2022) 02 - Linux

2022-01-19 00:00:00

K44270253 : OpenJDK vulnerabilities CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, and CVE-2022-21299

2022-09-09 00:00:00

rosalinux

Advisory ROSA-SA-2023-2139

2023-04-04 15:28:40

nessus

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2023-003)

2023-02-23 00:00:00

IBM Java 7.0 < 7.0.11.5 / 7.1 < 7.1.5.5 / 8.0 < 8.0.7.5 Multiple Vulnerabilities

2022-04-29 00:00:00

openSUSE 15 Security Update : java-1_8_0-openj9 (openSUSE-SU-2022:0870-1)

2022-03-17 00:00:00

kaspersky

KLA12426 Multiple vulnerabilities in Oracle Java and GraalVM

2022-01-18 00:00:00

suse

Security update for java-1_8_0-openj9 (important)

2022-03-16 00:00:00

Security update for java-11-openjdk (moderate)

2022-03-14 00:00:00

Security update for java-1_8_0-ibm (important)

2022-03-29 00:00:00

oraclelinux

java-11-openjdk security update

2022-01-24 00:00:00

java-17-openjdk security update

2022-01-19 00:00:00

java-11-openjdk security update

2022-01-24 00:00:00

amazon

Medium: java-17-amazon-corretto

2022-02-15 22:56:00

Medium: java-11-amazon-corretto

2022-02-15 22:58:00

rocky

java-11-openjdk security update

2022-01-24 09:03:13

java-11-openjdk security update

2022-01-24 20:13:08

java-17-openjdk security update

2022-01-24 20:10:03

fedora

[SECURITY] Fedora 34 Update: java-latest-openjdk-17.0.2.0.8-2.rolling.fc34

2022-02-04 01:23:38

[SECURITY] Fedora 34 Update: java-11-openjdk-11.0.14.1.1-4.fc34

2022-02-25 17:03:20

[SECURITY] Fedora 35 Update: java-11-openjdk-11.0.14.0.9-2.fc35

2022-01-29 06:41:28

altlinux

Security fix for the ALT Linux 10 package java-11-openjdk version 0:11.0.14.1.1-alt1_1jpp11

2022-02-24 00:00:00

almalinux

Moderate: java-17-openjdk security update

2022-01-19 08:53:42

Moderate: java-11-openjdk security update

2022-01-24 09:03:13

debian

[SECURITY] [DSA 5057-1] openjdk-11 security update

2022-01-24 19:14:52

[SECURITY] [DSA 5058-1] openjdk-17 security update

2022-01-25 19:58:47

redhat

(RHSA-2022:0229) Moderate: OpenJDK 11.0.14 security update for Windows Builds

2022-01-24 12:59:11

(RHSA-2022:0228) Moderate: OpenJDK 11.0.14 security update for Portable Linux Builds

2022-01-24 12:59:09

(RHSA-2022:0204) Moderate: java-11-openjdk security update

2022-01-24 09:04:44

ubuntu

OpenJDK vulnerabilities

2022-03-07 00:00:00

OpenJDK 11 regression

2022-03-29 00:00:00

centos

java security update

2022-01-25 13:01:29

broadcom

Azul Zulu Java Multiple Vulnerabilities (Jan 2022 Java update) CVE-2022-21248 CVE-2022-21277 CVE-2022-21366 CVE-2022-21282 CVE-2022-21296 CVE-2022-21283 CVE-2022-21291 CVE-2022-21305 CVE-2022-21293 CVE-2022-21294 CVE-2022-21340 CVE-2022-21299 CVE-2022-21341 CVE-2022-21349 CVE-2022-21360 CVE-2022-21365

2023-08-29 00:00:00

gentoo

OpenJDK: Multiple Vulnerabilities

2022-09-07 00:00:00

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0601

2023-06-20 00:00:00

oracle

Oracle Critical Patch Update Advisory - January 2022

2022-01-18 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

4.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.2%

JSON

Related for BSA-2022-1980