Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2022-21624

🗓️ 18 Oct 2022 00:00:00Reported by oracleType 
cve
 cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 428 Views

Vulnerability in Oracle Java SE, Oracle GraalVM Enterprise Edition (JNDI component). Allows unauthenticated attacker to compromise data. CVSS 3.1 Base Score 3.7 (Integrity impacts)

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: IBM SDK, Java Technology Edition, Security Update February 2023
10 Mar 202315:30
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition
20 Apr 202313:36
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Oct 2022 CPU (CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619)
7 Feb 202314:27
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM License Metric Tool v9.
15 Dec 202209:10
ibm
IBM Security Bulletins		Security Bulletin: IBM Sterling Partner Engagement Manager vulnerable to multiple issues due to IBM Java SE
6 Jun 202306:33
ibm
IBM Security Bulletins		Security Bulletin: IBM Cognos Command Center is affected by multiple vulnerabilities
4 May 202320:23
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility
24 Feb 202315:32
ibm
IBM Security Bulletins		Security Bulletin: IBM Sterling Connect:Direct Web Services is vulnerable to multiple vulnerabilities due to IBM Java
15 Feb 202306:57
ibm
IBM Security Bulletins		Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affects Liberty for Java for IBM Cloud due to the October 2022 CPU plus CVE-2022-3676
10 Jan 202318:48
ibm
IBM Security Bulletins		Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester
16 Jun 202319:00
ibm
Rows per page
NVD
Vulners
Node
oraclegraalvmMatch20.3.7enterprise
OR
oraclegraalvmMatch21.3.3enterprise
OR
oraclegraalvmMatch22.2.0enterprise
OR
oraclejdkMatch1.8.0update341
OR
oraclejdkMatch1.8.0update345enterprise_performance_pack
OR
oraclejdkMatch11.0.16.1
OR
oraclejdkMatch17.0.4.1
OR
oraclejdkMatch19
OR
oraclejreMatch1.8.0update341
OR
oraclejreMatch1.8.0update345enterprise_performance_pack
OR
oraclejreMatch11.0.16.1
OR
oraclejreMatch17.0.4.1
OR
oraclejreMatch19
Node
fedoraprojectfedoraMatch35
OR
fedoraprojectfedoraMatch36
Node
netapp7-mode_transition_toolMatch-
OR
netappcloud_insights_acquisition_unitMatch-
OR
netappcloud_secure_agentMatch-
OR
netappe-series_santricity_os_controllerRange11.011.70.2
OR
netappe-series_santricity_storage_managerMatch-
OR
netappe-series_santricity_unified_managerMatch-
OR
netapponcommand_insightMatch-
OR
netapponcommand_workflow_automationMatch-
OR
netappsantricity_storage_pluginMatch-vcenter
OR
netappsantricity_web_services_proxyMatch-
Node
azulzuluMatch6.49
OR
azulzuluMatch7.56
OR
azulzuluMatch8.64
OR
azulzuluMatch11.58
OR
azulzuluMatch13.50
OR
azulzuluMatch15.42
OR
azulzuluMatch17.36
OR
azulzuluMatch19.28
[
  {
    "vendor": "Oracle Corporation",
    "product": "Java SE JDK and JRE",
    "versions": [
      {
        "version": "Oracle Java SE:8u341",
        "status": "affected"
      },
      {
        "version": "Oracle Java SE:8u345-perf",
        "status": "affected"
      },
      {
        "version": "Oracle Java SE:11.0.16.1",
        "status": "affected"
      },
      {
        "version": "Oracle Java SE:17.0.4.1",
        "status": "affected"
      },
      {
        "version": "Oracle Java SE:19",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:20.3.7",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:21.3.3",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:22.2.0",
        "status": "affected"
      }
    ]
  }
]
SourceLink
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/
securitywww.security.netapp.com/advisory/ntap-20221028-0012/
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/
listswww.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/
oraclewww.oracle.com/security-alerts/cpuoct2022.html
securitywww.security.gentoo.org/glsa/202401-25

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
27 May 2026 17:16Current
4Medium risk
Vulners AI Score4
CVSS 3.13.7
EPSS0.00264
SSVC
CWE-502
cve-2022-21624oraclejava segraalvmjndivulnerabilityexploitnetwork accessintegrity impactnvdsecurity advisory
428