DATABASE RESOURCES PRICING ABOUT US

{"id": "7F8C5B286D46F7C07594D83B9BEAA8FFE7516BE4B7A585530E218AC7EB0CDC1F", "vendorId": null, "type": "ibm", "bulletinFamily": "software", "title": "Security Bulletin: Multiple vulnerabilities in IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter", "description": "## Summary\n\nThere are multiple vulnerabiltities in WebSphere Application Server Liberty that is shipped with IBM WebSphere Application for IBM Cloud Private VM Quickstarter. Information disclosure in WebSphere Application Server. There is a denial of service vulnerablility in WebSphere Application Server. CVE-2020-2654 was disclosed as part of the Oracle January 2020 Critical Patch Update. CVE-2019-2949 may affect IBM\u00ae SDK, Java\u2122 Technology Edition. Multiple Vulnerabilities in IBM\u00ae Java SDK affect WebSphere Application Server April 2020 CPU.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2019-2949](<https://vulners.com/cve/CVE-2019-2949>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Kerberos component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169254](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169254>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-4329](<https://vulners.com/cve/CVE-2020-4329>) \n** DESCRIPTION: **IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/177841](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177841>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-4720](<https://vulners.com/cve/CVE-2019-4720>) \n** DESCRIPTION: **IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172125](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172125>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-2805](<https://vulners.com/cve/CVE-2020-2805>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to take control of the system. \nCVSS Base score: 8.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179703](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179703>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-2803](<https://vulners.com/cve/CVE-2020-2803>) \n** DESCRIPTION: **An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to take control of the system. \nCVSS Base score: 8.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179701](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179701>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-2830](<https://vulners.com/cve/CVE-2020-2830>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE Concurrency component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179728](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179728>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-2781](<https://vulners.com/cve/CVE-2020-2781>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179681](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179681>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-2800](<https://vulners.com/cve/CVE-2020-2800>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE Lightweight HTTP Server component could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179698](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179698>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-2757](<https://vulners.com/cve/CVE-2020-2757>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179657](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179657>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-2756](<https://vulners.com/cve/CVE-2020-2756>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE Serialization component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179656](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179656>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-2755](<https://vulners.com/cve/CVE-2020-2755>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE Scripting component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179655](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179655>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-2754](<https://vulners.com/cve/CVE-2020-2754>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE Scripting component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/179654](<https://exchange.xforce.ibmcloud.com/vulnerabilities/179654>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-2654](<https://vulners.com/cve/CVE-2020-2654>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Java SE Libraries component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174601](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174601>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nThese vulnerabilities affect the following versions and releases of IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter\n\n * 3.0\n * 3.1\n \n\n\n## Remediation/Fixes\n\nFor details on the vulnerabilities refer to the security bulletins listed below: \n\n * [WebSphere Application Server is vulnerable to a denial of service (CVE-2019-4720)](<https://www.ibm.com/support/pages/node/1285372> \"WebSphere Application Server is vulnerable to a denial of service \\(CVE-2019-4720\\)\" )\n * [Information disclosure in WebSphere Application Server (CVE-2020-4329)](<https://www.ibm.com/support/pages/node/6201862> \"Information disclosure in WebSphere Application Server \\(CVE-2020-4329\\)\" )\n * [CVE-2020-2654 may affect IBM\u00ae SDK, Java\u2122 Technology Edition](<https://www.ibm.com/support/pages/node/5736807> \"CVE-2020-2654 may affect IBM\u00ae SDK, Java\u2122 Technology Edition\" )\n * [CVE-2019-2949 may affect IBM\u00ae SDK, Java\u2122 Technology Edition](<https://www.ibm.com/support/pages/node/6206153> \"CVE-2019-2949 may affect IBM\u00ae SDK, Java\u2122 Technology Edition\" )\n * [Multiple Vulnerabilities in IBM\u00ae Java SDK affect WebSphere Application Server April 2020 CPU plus deferred CVE-2019-2949 and CVE-2020-2654](<https://www.ibm.com/support/pages/node/6206850> \"Multiple Vulnerabilities in IBM\u00ae Java SDK affect WebSphere Application Server April 2020 CPU plus deferred CVE-2019-2949 and CVE-2020-2654\" )\n\nTo obtain these changes for your installation, upgrade IBM WebSphere Application Server for IBM Cloud Private VM Quickstarter to version 3.1.1 or higher. The service procedure can be found here: \n\n * [Upgrading your installation](<https://www.ibm.com/support/knowledgecenter/SSTF9X/install-upgrade.html>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2020-07-30T13:29:49", "modified": "2020-07-30T13:29:49", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 5.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 4.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.6, "impactScore": 6.0}, "href": "https://www.ibm.com/support/pages/node/6254704", "reporter": "IBM", "references": [], "cvelist": ["CVE-2019-2949", "CVE-2019-4720", "CVE-2020-2654", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830", "CVE-2020-4329"], "immutableFields": [], "lastseen": "2023-02-27T21:52:35", "viewCount": 2, "enchantments": {"score": {"value": 0.9, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["JAVA_APR2020_ADVISORY.ASC"]}, {"type": "amazon", "idList": ["ALAS-2020-1330", "ALAS-2020-1345", "ALAS-2020-1354", "ALAS-2020-1365", "ALAS2-2019-1316", "ALAS2-2020-1387", "ALAS2-2020-1396", "ALAS2-2020-1403", "ALAS2-2020-1410", "ALAS2-2020-1421", "ALAS2-2020-1424"]}, {"type": "centos", "idList": ["CESA-2019:3127", "CESA-2019:3128", "CESA-2019:3136", "CESA-2020:0122", "CESA-2020:0157", "CESA-2020:0196", "CESA-2020:0541", "CESA-2020:0632", "CESA-2020:1506", "CESA-2020:1507", "CESA-2020:1508", "CESA-2020:1509", "CESA-2020:1512"]}, {"type": "cve", "idList": ["CVE-2019-2949", "CVE-2019-4720", "CVE-2020-2654", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830", "CVE-2020-4329"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2023-1:1648B", "DEBIAN:DLA-2023-1:974CB", "DEBIAN:DLA-2128-1:493E1", "DEBIAN:DLA-2128-1:E0A22", "DEBIAN:DLA-2193-1:EADDD", "DEBIAN:DSA-4546-1:99674", "DEBIAN:DSA-4548-1:39CE3", "DEBIAN:DSA-4605-1:EA4B2", "DEBIAN:DSA-4621-1:E16D0", "DEBIAN:DSA-4662-1:57790", "DEBIAN:DSA-4668-1:C5B44"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-2949", "DEBIANCVE:CVE-2020-2654", "DEBIANCVE:CVE-2020-2754", "DEBIANCVE:CVE-2020-2755", "DEBIANCVE:CVE-2020-2756", "DEBIANCVE:CVE-2020-2757", "DEBIANCVE:CVE-2020-2781", "DEBIANCVE:CVE-2020-2800", "DEBIANCVE:CVE-2020-2803", "DEBIANCVE:CVE-2020-2805", "DEBIANCVE:CVE-2020-2830"]}, {"type": "f5", "idList": ["F5:K16496491", "F5:K26555255", "F5:K54213762", "F5:K95453343"]}, {"type": "fedora", "idList": ["FEDORA:3F8B2606CFA7", "FEDORA:6F5D4605A6B2", "FEDORA:F22596075DBD"]}, {"type": "gentoo", "idList": ["GLSA-202006-22", "GLSA-202101-19", "GLSA-202209-15"]}, {"type": "ibm", "idList": ["00EF24AD7F1E1413A0AFDCF92DF50FDAF033030148B0E6912A77A61D879692D4", "017704F263DE498C81E38DCD35C1B649CAC8F2B6DA67887C1DC1F132F6BB1B85", "01D5910DF84D54BE1E6CC202E786D0A9A848F723AB639F74679C5DDB15761610", "02372BB95E80FEBB3F4C0EDDB60D767813459FF5F1AA49CA993E9AF801012934", "02FD10030B8366010758D75673B2286A0CD064A8561853F6F314CF7B7BC8B298", "036EA0A600E846F6A02DD17117A50C0F70F9BAD404250267597F62555F45EA04", "03A21E2CEB2AE80B0CB3845788EE2C252B219A2161281A588F3A3FABD346F890", "049759B1D5421ABE3E83A71D032E850BC0F5FD7B89FF7113E36CC5FC4AD7ACBD", "05FA7A6FECA57F2CDC18AA8601FFE769F365C89CA7A8A4A64C71821B699FCBCE", "060D3FC79AEC6F245510B1C6DC4349BA6ECD4B42B6857BA70D63BB7D9BF14A10", "0676DC64D9FAAA5543CCE97F95B289A6DF997F20DD2C5C84724916098603BA58", "089B564037CD6CBF124F570A0074A8E6C37E90240BCF8C5297D2EBD444E34F18", "09C6ACF80628EF8C73E427E1D21F5A5A497D751BEB43E7A41354136EC7AE4215", "0AF44030170DD5D957DFDF43A4F1F6D53BF74A36302A9511410AF5585710B3E1", "0C0EA83E08C7ABD6E529887E7CCA2FD2C9F7688760B17A04B0D89D4DB8F1BF60", "0D52379972AC05F5FC604E8E8D08771C518A83622281FBBCB1618B17559FBE16", "0DD7AF43DE97763E0D93D1D019F9D4F482815C909438E3FDD9E285D6B2ED40B7", "0E85F055F69C36F1AFCDA9AA4C7476B24B7826864D94024DCA43C8F828A3D547", "0E954BE815796B26C7D4ABE2BCCC21DC5663BE0814B4E5F3C1EFE68319DD65E2", "0EA5DDF7D8ED330966222EC13380158E6377EB3E625758DBCE9B763B67A0B659", "0F7D9DE1707D7D6C2B2883F5DE54F3D4D790F48177743DCC3A98112083E76EB7", "101FF39CC211D0F2AAEA7FFDF01B21E485FFDBD3618EE94DC0F87A5FF85A750B", "104E5358C09C4A12262672713C06CC3321584D57C3884021EB6B32EED2C9E8BC", "106AD49A338E7AC7F1FC75B40B662360FA7CA624A79EA47916C2CF681A2E59E6", "1149BE00A7C05AD4DC5DF4BC6CE1153E5FA772FF33CAAC0512461F771BF4CB83", "126E1024546918D07264839DD88F2FF75D58789A0F611D0689966886112B533B", "1292286F29372CD8F681A7B073DE92BE1736555827B7FF4E4ACCDF53A7880964", "157962F9B3DB294165DFF14635E6089F37B7870F261E4208696A5FE06EE6F43C", "16A975A6CAAB3855AC2D6E265E48992B9A6693F36178DB5E02421BEA65C6B758", "1789DD677115A931C8718DBD3105CB40D233231B07926E1BCDDA0E9CBB32C539", "18D984242422866F95B81DD465CAB967B26797D13E68A166EDB40E265805B71C", "1A72C91F6CA7EEB9FAAA834618698CCB61EEC973896F1BBF5482067FC7922767", "1A86238F7F143F1D2CDCAF13A7A5121E2734C20B015C44303B08AB3756ADAA1C", "1AF10453648DF6E50FD13383CAC3354F1BE62A0DBDCD7504B40FFEBA471BA53F", "1B8F0281E10790914D004D879AAA702629484840516238DECD288C5C4D9EB634", "1C0D8FC2A9F7C68A34516E16D0E30997245D9487C0AA3C2F80109E35400A48A6", "1C1678518312F18585D48228E2C4D89CBF458CAF1277708839EA38E32D0F11E3", "1CD4A80A71C8103200D24FD5394261BBBA205B403AC752CFFC6262C21A8D7F6A", "1D175F9C9806A85668A040BF3EFE408975FAD5D82ADCF7E6B3A57BDC6C5B6AE8", "1D527A951F660BFCA1836671A2A328C87E8B448B01A672269419352520CFA6F1", "1FBC43AAFB30E12136CC1ABB390199FBDE2B41811DD6B2397DF817A0937D1741", "204ADCCC258487D6D5F8C848C95DAB38413055F4AFD05DFCF56FD7435CBF7C69", "20C726052D51A86CD6F33620FD422BF8D18C05D40FE11F0B4C3E8682BCB671EC", "20FC8D083652BD9620AA16329F2B0D169CF687E1B0F904A9AC013C7517AD365E", "21A78502CF868CEFFA6DC5C776E16EE0EDF33BAA9E7F3DE611912CC218BF6C9D", "22E530F1D70956F99F5FF9FEC58CF36BD3ECF051771DFFFD44F5E67BC973334F", "22EC3C3360B36DA03DEFC47DF7AA94018A0AC2E13D90F2B9F746B4F548BD4779", "23BEE634200B9E4FA6BA5050B092CB2E8A6676B9A96B4091423D6C937390F9F2", "240EC331B4740D6B70360359CAB6A8BD3720C206F1640F720CD7C8DDE996ABD3", "24AC55C7B7B8EAE76861640D8FE63967C2D6AC120B7117F39C2E95E98BD6B38F", "24C171D2EBFBD69CF6AEEFB17FADCB6350B347E61036097EF3A9343C6459084D", "255519D8FC08936029278A93200D3FB4DB86381789F43C66E18CDB6CBF5F7090", "256897A2C093386CA07A7A9574414865F98C7CCEBF886EEB74C128006CC136A2", "264C02DB84560D43F15B55FC00827F64C8C799EB4813FAD5C111008C8E131691", "266C32AECD9BCC9F1C54099C8FE9B92463A0A02A15157EF458713D15175A641C", "26AE7E28F5E270B5CFD52AEBA6B32C6108986FCB5CA6AAA5326CB8FD0CA73D23", "276311EA26EA41FBAE81DFB3042788416A0F2799192780CD6BCD5F7081C47F5C", "27667CC3C4749A1E7C9BA260074409253DD037762DB8CE1B9C5A71B1917B6725", "27E05F77F5930FD9CE77753BFD85443DA41872CE8C0E1205AA76D4132D396EDD", "280F22C59D289D09BF95C27BCBD4E75FDD23E4CB97EDC3D26F891DF09095112C", "281EA77DACE3CB0D203B13E8D960659321E00D0D3AD04C8DD174EF67ABD3975C", "284CBBA54738CDCC2622E07BFF9F42EFB12F4C1E6C35828AFF50C39142CB2FB4", "28F8FE772F7744066E89072F94BE119B652D05DADA694784B7CCD72965C551F7", "2990C49388FF9A7A95B59BB697358FE746DA4981EA6BE3E4B10DBE45541B3A35", "29B7E8A593B85D211D961E858CD47DDE4578E14A3B0026D2CCBE046945B264FD", "2A65FC125DA729940F7D04409677484F9FC90234EBEC407C2CC3CBD042F7D26C", "2A983186A18AA1F913AEF800B4C60D2AC7C684254587378CEE189FFC5D3B64B6", "2AA1CFF2B38E29406C3390FC3486551F5831608DDF19F081568B5CA436C23A52", "2C93559F71C13D53057E41586B1B0742AA76740258BBDC0CF3D9E8C3CD3857FA", "2CA3BBA259D1C0246BF3E9648B4ED1628834042FC1FD08C57988C2DBA7334A28", "2CACBE41D36AF402D83999A57D2375400B28085518F96D7CC3A00E4877AD60EF", "2D4E5ACF341A63326EA63B36C57A2D2450C37ACBD15D00C0143815E2E93007B3", "2EB3EC5415CB180C489C7AB8A4707E904F165D92DE748B7FFC66F9E86EDB6CB8", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "2FEDCA99A32964BFF6DBDE002EB4B2F410B145AE312DF12377E547C72DABA460", "3073B2863EC3EEE15D79F6F74A31A0A1F9DF2E191852C00E1BB66966D15300AD", "30D8FE67161E8D4FCCE177A3964E6CF0B24FAA13C9252A61D9FD63AA760FB657", "3145AF0C5406567F174CE24AB15ECCCBF1EDAC271CA314F0505020DA0354DFD8", "3180B65135ED076EBC40E84457FBD56F4194E10FBC96990E6A5A4C6C76779DE8", "318BCB52FA17252557986CEAF25CB3771570A1E2E09915579AC27A10F5B3ED09", "322B01DE222750C7DF4CF590663CF3B36A1750FAC696257EDFC9883D18F41115", "32EB80235F63631068A875B3706EBE57E1F30F49ABBD86F94E0D61C950097183", "335D6C66D4390B20F098610CBAE66CF67CB60FEF9BA678B6976E155C6B71908D", "350BE099FE4F017BEA9A4EC2A077996E4B3473A14B0E49A1EEEB72D56826E652", "35A8B908BE6A907E21280C68DBD7C12DD15E7AF64D1204CD2C6EEC2776BC0030", "3757DB8A424DB88E245C8F0EDDFE6FE06F8170406FA58010670CD76C8A1ED47C", "3776AD70996EFBADDF76FD6F5AC351B73A4F834D590F094BE2C19B1B4B356D05", "38B90E9B0DC10E4DC76F9F12DDEC2E7A19565B69C0B9D2A17405DEAA2D6CB5E3", "3A2DFE6DD59E30D471FBD4C15F6019CFD0C300A08FA6AAD5FE0B4152BFE1CDF9", "3B4BABF4CE1C991071EF3F21C072A350BF812A85FD4B68B4EB9D5804B3FB97BF", "3B6FFA1802620B3837E9241495B519A902FD546289DECADF7240559B78CE4CDA", "3BEB441D10779A1942BF02B10D6A1555A8433CFB0B2D08C01720323538A45578", "3C4BFCBB3C717294BFF59B59F2618AEFAAABAFB8378CF9BFB5509B69E9275659", "3D04811CD7C9B337157F4E06A7E1B2584D270E7E69B726B8521CEEE31E88AF6A", "3D7A1A3B5F9F73ED6F26D0365D3B4DAF96AACFF61E4BA7365988B1B7E043F4A8", "3DF0EBC27CDC2FA0AE7D540516E7AD82FDC079933E2D3F08627E09F6B9903EB8", "3E1A954A80868F0F29931CAD92D6814DA29C439369DE3866B623B907BBCDDA4D", "3E9E58CB133C398A1E07C6770AAE40040AA7AC2816C667CD2848FFBE982ACCBD", "3F0DB6A6B43161E807AC17CE719A18BD26C81F3134F4959AA51E211376F74BD1", "4212B58ACC9EE88EF5EFA9A4B47162BD75134F54A1D340AAD34532457B0AF8C6", "422537CB7DA0B51EC03742C69732BF7E841E49D8E76EB1282D4AADCB1A08526A", "42384574F7E0521A92FB391AC5F0C9B49CC1F4E98A72FCE20FF6CB01E05DAF9B", "43176C8220551038A4495B8A84DFDADEB39D179380C005A74D2C257820801C87", "43889098AF27B56E1AAC2C0ADC87D15751A2B0CCE3BF25260E32BBE3CCA7CE93", "43DA011A37CE03FA64B094E9F5770A93BEF6CF43E03F703E6569EEA76986A4F8", "43FD2DEC48A89038A4DF71B545472C6EC9B601D8954256891076C3541234D542", "44307B44119A69F2A7E2E3CC5B1FD7B80E121C1C95887759C5496379420C526E", "44F8F51D369D3F744AF193AB2E497189282F22F94B8B3424EA2B099B5580CD94", "451F72C42C9FA5B3638C6F2233F910FC635FE2A09DB2B0F71474AE8603F61D92", "453DA448AA3F8EA6DA3A115CFC84B0D2B992660D6E9D4C161474E74D8BE8667B", "4585AF22EE5639871A7BF84D8DFE9AC688EFE59814E7A5444DE9DC0EB109E9FF", "45D0E6362EAAD0FF8BA2A916838616D92ACF32C45B5CEECF557F58369F188EF6", "45E477A401A9AB1DE1FDEC74CAEF2D215CB4455BA0FCE47F78E1F65492DC819D", "465A77691B2F05B1C5FAAC7A02CB7D278A82164C3BA7AE66829B4C4FECA4395B", "467CF97BCB360927DBFFE98B67B787639BE1F772AB145EC498B8B01C4AC15F2C", "47274321AA3430917FC9FF88F99229CD7614CD6268ABCD535250486839A8D636", "47377382FB42339D4CE97A4452C254F07E69CAE5413DDD356B24FAAA26841F46", "47C4639A3EF53144FBA7A24BF07D00F061D787E4D1C384E58F223AE28CC86EBB", "480D58613122A96AD57968DE0F88508E140E15C861137E188E543C73FB125099", "48884C8E221760F92534E481E23CED02DAD5EBD580D328BCAD26AA27FFD246E7", "49B8460E9D95F7D50E840B7B70FCE2EB364A1ED8ECA0CA0A121E41DC89B55B92", "4B81A3DC7183611B0415ECCB103AB240ADE5C0EC9DE7E70D4BD375223AA0228C", "4B9B5973ECB6BF9D964D666AB84A86D0BE4913C96B2CD56E503C78B2893FB8AA", "4BB64F82620533514180FBBD22D98224D4AD27139725A0E485662BE0A8761B58", "4BEC8E9463E4B27C09D4E3ECF5C98A9E0D6D193C06E6EFC3DEDB9F41368D7DC0", "4BFA3A2F692D8FC8DE4F07BCA56AA58679411D74D1AC3CD28957EF6A817C1264", "4C530226C2C82FCA90A29F26A05A9D0BF640534450027EDE7596BB30563A3845", "4D9418EB571AB517698E7771BD9FFC99397B18C4277948836176B08FCF7D13D7", "4DDD411D05DA8C0FEEA7EE08A955C6CC3D9F0907BA8773CF31C690481C85111C", "4E8F203D973F0F58DD4AF50C40B62FE1A35D193D756CEF82EBFAF93D38E60BAA", "4EEA40866A50FD47B88CDEDFE5D4501E3C595A076C9874F03873B7D7BEC2B0F8", "4F2D82A4F724C8AC105424E03F5FBC319EFED1ECC4C4FC502E3EE79470EB24D9", "50EA423A77AFE74D4C99D312D7FA5988DE8629BD8B6A44E2C6A86AC37D0AD6DF", "51BD39BEE25909EEED0BF937C11093CF42A13C4AB4AB282A7A46125DC62BF978", "51C64898345F327DD93881C52DC0BCDB22915CDD412C72A65BE394B7A650FE83", "51D185DB29AE6E4FAD71119D872DA0F52814A6C17A59AD1AF9B79D0668C33FBB", "528381C9CFB6ECA8B333249B2F75271731400A3A04CC9729C06B54D936548FC9", "53514A62D7D9E2E178325FAF1EFBB4FF93020BF2D45F01788543FEAA40036C15", "54E445CDA1B6D464E8EE07BFFEA8105E14A5BCC492D50E718CD98D48B5DCB9A5", "54E686FBB2E60A0BDEAB59EFECEB36D61C77A784661FD44124BD8864158EE317", "54F95B012C42E1776CDC45BEE152DE0DB2BABDE488693A1FA812D235885A3D0C", "55A93A7413D2D17A9FC66D4B2521DEABB349CEC50132C7B6CFC63FBFD532E88F", "55DC383A252E7D660F8ADB678D5238042C74174F3DA369A09B97DDB240267EFF", "567625FF8DF333D5C563E40EDFFF9516FF13EA40EAFE9A2E68635850284A1A44", "56A4EB08703709B360CB4383013698912F22EF091C5AEEA689DE4ECA7901E903", "56BEABFE33B1A6E4081E3789745DA61E7ED2F6AB2C115CF9D6175CED15B18843", "574FC031AF9B64FDFC8B0BF65E22355456EDFA4CF1ECE74E592CA6972407F30F", "576FB6CB6CD8B5CE4A1504690B7C455D22F3C0398026BA73EF6B8202548E739A", "579F81CD03E8F343CC89DF42B60530A9911E36D65C6D69F1409D05E0CC6B5028", "57B2D7521EC7DF40C6C4D1EAEC35430FAFDAC9ECF2870416B8F4209BBC2D59DE", "583B4EC604B94C469C4DE44FF99FFC90AB1BE9C2A84ECBEDB90D7CDD5FE2E8CA", "58E2A7C80CA72D628D1BFB234B6D9CBCBC9E1B2E173D0EED497EAD07AF16AC50", "5918C016B20B5ACA60A7D119FD2C32C94F0627AB911B7E60826658D357145A38", "595A289F9570379EE0A61936294F3471459716F19EADF589CD75DA916FD567DA", "59C7965FD6529E626542FE53D8AA2598AFD60D50C670FE5294229EE679BAC6C8", "5A867D53BF1C045A91BAF34174E260F4492ED9458A27BBD0E5EC08B506CD1CBE", "5ABDB8E8FF34B80C89910A575CC3A19BCB906094A7EAF6B0B05A2411E4E3E5FE", "5BD96B871BD05434767C34A2EFE7173A927EDB78FC30CDF5580CD68CDA14B279", "5CC6DB3E26D3BAE7015DFB4D74F64D914D157F4C36E60E5C8AB9FB048FBF3CBB", "5D8C40983A1BCB78D36B7DF2374D6AE029F0F4282200D955A0BBA8DB40749562", "5DF72FA611054534546D74E4B4AB82F241E1AC198E5C5726FDB53162C63451AF", "5E4F47B8B36474BEFBDF90817CE55576A8F5001BB0F9A0171D9F9A512D2EA52D", "5ED570DDC2DC18EDBE3A6F896450F75892C392B6E12D967BD6C8F6E5EB0809E5", "5F1E522907674359F402A2020625D76DEC18F78C51601FDF6F1CC062F78B5BC6", "5FE7A510CD15A76A4D6CF022D158B9FC7E8E03226BAF443B1D7C5958D406EEFF", "5FF84A409F6E7810279E556BA90D6C5F78BBDB1F21A37746F6A3CA9B07CE5053", "61C3F15886364FC22D270B27228FD5FA37CCAE5CB24408C225EC21FF0A7ECDF1", "6319DF1B256EC58709172407AF4A25DE3588354F1CDF0FE760752C81DC6DA075", "6460D41996E43CB75276902519E15745959E2FFD675E2119EAA294B305A37593", "64EAC079DC917071B3F5D4347B9D12B05B0383FA0A7FA3A0014E97DDEE4AA80A", "65AC33072AF8ABBAA1E90D22A6164663D0FCF7967CC7051A7C6B601CEA97BF53", "67146E2A524C8FB5A1DFD73F1DB4911AAB49B852B996D26C9FDC1C6AD38C7259", "673890733653CDC1F2BE7C4661382BEC98F1365E9FE48B17230EF2CF4B722E6B", "693658DCE0F371748D69D63EAD5B48AAC0350649F64CFEB925F5CA6BD3E2A97C", "6A0D9421C284C29C699BD48273C99B57CF4E764A76760B5A163F68BA4E03AA6F", "6A6D3443974438B65979A6338422445099F3CA76DB149428DB7450AB644D4F69", "6AF6A75AB47A85BD264ED489D020A601CD49E58065CEDF72F8DBC129C0B69CAB", "6B664CCE2190B12216972B3550FAAE4685B736F87954DBB6453900D5AC87DDD4", "6C0B46071036140AA51372906322730888C9E7399B10A1E9F089A640862B19CC", "6C3EF31F91741F415782EDE50130FAA08F82104A8F95D3D369A4047E95CC9A00", "6D9CDA8999A9DACC3CC92F31C9B635358761E015053E1E28134A4EC64E7814D4", "6E15388FEC4AEF961ACD45CDEA784062121BF39A5E1909E3C780D0C5147A52E5", "6FA137EFE432E9DB974E04AE47D6A29DE89F27AF0B1E37EBA756CFF32ADEDFD7", "71775F8B80AF3BBF0CF10F0859E199AE222B899F2C8DF45901295ABF96EB12C8", "717EA7B7E291CEAF2956470CE508AB38C2BF8E63133D28CF594496671ADDDEE9", "7294EA54DC7B16106E4A4EA97B3222F45083B261C6D6170F4FF7B3B25814F4FE", "72FDC7ACE37453A4C45D6056B76A38DAB964209EA3654296776CF200F9BBCFD0", "74739E18871CD2FB6A97BEDD24781C04A58FE3EE477E9B04BC96DF3C5CC0B134", "757696CF6B25D861147516A0233F27AA8ED63CE44EC3D079E6265FF809DBCB35", "77F5DCB1E0BCD22E1A01C754024118CCEE33D4EAB1613380889AAA70E477E4B8", "7A7E2C46981121C4848316714E17DE54302B583229BF30A2ABFE7599824726DC", "7AADA2BCD3C437AFA3C3E67E767F613AD2037CB02AF0E9FA64C7DFB2459A1AFC", "7BCA26BB8F608B43A4FC09B8EEF859621BA00CC22C5FAB8CD10873E324561C23", "7C9BDD06BF159B454C3BFD20226B34DBB4EE268B25DF4CDE9AE4899932DD2F00", "7D00342863B1B28E48CA30E36FCA81958BC7DACB93ACE050ED87341D3933AD65", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7E3810136FEF61BFC79D395E6D31F652EA936DDF2169F22C131565764489E4C9", "7F64ABD83A792D617A2AF9021224D3891ACD98806409091724BD7F4981A1DEB7", "7F8E6554F6DA398AA724606DE234AF7EF09A532D4299A3D1BE71DF4204B3FCF6", "80F63C4DBA4692F1399B8419C02ECEE29E4B32D85EDDE77D136EB81CBB859B9C", "822CC9C8BD1EE60B7781E407E8AA84E822138B490540F81DABD8583D172551A0", "8271DA3A40630C2ED7F6D3D137F6651932C4B2E5976E9E2E07E160409BF14EAC", "8275C3B123771E721297381D0F66E5CCB99C5D5EA14F12413C6DF109D950665B", "82936D00277BFB24D711DDE526D1CD366BD17ED7C68CDF976B86CBD7574AE2B5", "8343E9418889E0C118D423FFF70EEFCA49C5A897A2BE7161660C3B81899A5554", "845034F004D5E87FCBDDBF4DF19CBEEE3865967F212423D2B39A2634A34BBB84", "849571742FCE5CF0A2936D2E9A49C2731D5B368A888BD8CDC7379709C898A2DD", "85A203AE5F731A8A23D151364A5CA4469848689E5B34009D9D63DA579273DAD0", "85BBE6E40D91A5BCFCD22B8339EFFD737F1DA713C1EB7F4E7F877D2EDB4B3E80", "85FD47FE3A25DA6523738BD08DC1BA0B9A2E921DA9F3025CFB8AE5976AE08836", "86BC382413D13FEC49BBCF5FC0129F8B83C058E0C0CDD0CFC599911E284C4FA7", "86D81D4FF071D7D46BB506C67EA7CE93C082F0DB66B01AA7474850EEE2C3CBD5", "8740019E07D20644145884886F423212F696418E42B226B6F8C03245820CDE6E", "8776FEDA4BF548B972219DEAA9137D6753C0BB6BD63258402F5068E288568FA1", "877DC5435C2CAACA85AAF999F8AF3AE3464E12D069C816B739BA5A9C79C5BF5E", "889AEF340E86A1FF8AE75CD323791BF93186173C5DCEC257F97767066CFAFD1D", "88CA564F4DDB0802DF0DABBB1B2D9B63B5E7F65C00DE5112D86A906BD37EFFFF", "89289E9A98285CD79B0D3F1F025DD0EAA5E6629F7ADF333B9EF34FE380BACA0A", "89889D01EFEB2906CEB101B24500260E255984420DF03BB57D83997D812CEE0A", "8989A6FB77137900F56AD546B4C0C677072A5F5014F205D45B7B1B06BB2C3FA0", "8A198A4000C3B4F286371C54C95FE441200AA6A1683A30FB7D38DD6264700D60", "8AF1EAAAF442835E1677369F8903EC8A857B4F2915891FC5F6BC69C9571BC493", "8C188C0D2A0502498EFDA98119EA020FAB6FAE0E7E28A0DEC0BD7B63D17039AB", "8EE7DDBA05D33B836D8AF358160D9FD6C0D36E9D5DDB2CEB0BFC877DAC32340C", "8F6CC64B7C1D182ABC7251BFF8924BA1D8B73224511670C7FF24148A5021A89B", "8FBE10E5FCD0833A57C1BB25658493F72358D35CC4E10DE2B6E23C10021B5050", "90284591499066B48777BA7F0A369D6D77E1E66D9BA6B7B854E327D45FBE9674", "90CEF1E75C1775A1853126DD1E56AC94C337C70F31E9F5DDB6230C09D518C5D0", "918EC90267CF1760ED229DE75BD576095419855F5087F191C08D402ADF7504D9", "92632CCF2E5D968091A91A66449BF402408AACCDD70624AA9ACC2E9C6CAE4822", "929D837DD9C3EA90C20AF84418A0A2BB1D61BFBA6F69A8B90EB5479898403F5C", "92C244BD15E0AC6C95C623B0974CEBA4601F56411F46EA0ECC54250192EF3D5C", "92DDBBDC460D6543CB9BFE965F63EDA565CCD1EA4CB283723A921DEDE857ACC5", "932925E1037ED82721BC6DC142A9C2642FF0DE1519D1063C1E121B0FF0B92345", "93F5956C0571EC02D2231FA66A9130E61A7B245AF21B0A172B0D7E01DA91EA75", "951422AC4D34772C04D6974CCF33FA86CC1A3BB7B2E9AE9004E5656D9C947C24", "9548F3BD922C19C55E9391D4BACA8EA98682FB5BCA396DD8812365F4C30867A0", "958D3B4A5A0C1FD39CFF6BC608C4A1729951FA8F9C647E5838B8F638A26061A5", "9597A8DA413DEA047F25252B086CCCDA7543FCBC7042D730228D872AF048DEA1", "97D67741319318E81054E38AD279FB564C39D7BF2F071B94561D66348CDD350B", "980C74262588952E961D4A584FDC91320DD47525AF6C0C50650D040478024A8F", "9836E5609B14B7E702DDD41ACB122C66D8826B9A6D2821CC01E483065FD374D7", "99126F9F2548EE2300C741A1541AAF9CD2E67330BBEEA99D1CCE5C23EA09B155", "9B31CADA9E05358C442CE5FB3D1CDD8A91E5F0C2085CA1704F8E144AE651A6AA", "9B32B407F64E41668F3AB29B39E444D6C7ABA53FB15EA994831CA5D41D1D2F31", "9B660B8617E225EE7D2F0FBE75C900E17955D654A6DC9038425DA4C8A54818E4", "9BB137A2C15EDDA2FAD8099BF31EC43072DCB5CFA903CDC8CF3248DC677FE923", "9BC04820B3D2F340C08DC345180E3407C737F18117086BC346C786C231089084", "9CBD9A7234F7A793D27359C8D5DA8A7B66D6BB97AC1B9BDEAFEE654F98A8C207", "9D2911791B9AC5B458B1E932EFC1D21306C19D8876A9C1C65DB4C334F47CEC57", "9FFDFB54E44522CD84C40BBA459137D1309CEEA5B8584327B536848DE4912ECE", "A0F4D50333488A0E7047171B2CD4107DA8446CCF12638FBFE3B70E75C6BDA97F", "A18A9720C1D629ABCA693B2DEF0DBE3723F9496295BE0DB3D86261822B9D1D78", "A19C7DB3D10F228B0E192F9FC45BA5C4EA1CC1B39C3D650FC46AC90A6A37E1CD", "A1EFACF2069DC3D9306569DB75291E800141DD6232DEB3E7928DC96CA216C1CC", "A2924B4DE05BD5A9DE02BD29915404543555C0C4AAE9016A5C570D5EE0CB6EA6", "A330005D49E2DE9D5BB7AEB1FFF23C2CE2ECD165D6C58311145C72736B358907", "A37E43CE241CA136827071D65D84CAEB4C2B06D69E2817C2649277A110C5DC0A", "A3C55652F9A1A6B8950F7BED8B0E4416B16DE12D384B96E9E34E2D40FA65D07B", "A543E954AB7DF7CF33F468B97B00C6D58EAE36720E47DFDED3D3953FD05AB814", "A5681F729F28C250FF23C2C5EBBDC80244D85B4A5269BFE579C846E02438C673", "A58485ED1187EA4E51CA143194463C493EBEFDAF1129D1A7BD7970544FD73FC3", "A7091906DFD80052FAA8ED3478A61AFDFCE959988C96DE805466D167EAB989EC", "A723DDE407BAD02EA174056C8472D7F717073A89A2422790546E09A7047E1824", "A801C0134AF3AE69F120F9758CA8985C815F0984281741FDA5A847A1ACC66AFF", "A8B1328EDAD509E1D76C6016AE0790BC81F18C61790542709096AA8E663BAEC6", "AAB63CA611C91C086C2D2BC4EDEABC95ECFE557C5518B51036200FBBD8C29B34", "AB166E1ED02AD933E9686010D2C7397CB04211D2BF0F4768F3D3301A38DF1CF7", "AB9E1F618E295ED2016F2311EDD2F8570371E9C7D690FD62D71D7428FD71F423", "AC4054C2CE3C086ECE5EF6419F4530286C1A7CB58BD98D510916533489DBE94B", "AC5DE01326AFA37CBA7F799502684F57AF3D9271EC49734648DB7797522AF2E8", "ACBEAC66D4C77E6E0A8CA29C8E2103087D2D4C85F414F793D1FC336B951FB25C", "ACDFCA5E93908C1CC35E54B4EF854ED57BCD6CD2641A3590CD2418E8BCA917EA", "ADB3D47731470A86897994096970F6CE62DA6CB151DF6B317B2BC4BBB99654CB", "ADBB2DE655A33A904B7E8B7ECF3F9EAFAC0866161D56E6F99E6CCD88E2DB4C7F", "ADD728E5D449CBF07369A825459DC66A69D20821E174CB138A2CD552C85EAFDA", "AE00FB59C4C5890B5FB641690EEA9F234AE860A6025824F78EBD0F309BF503F1", "AE9FCFFF0398E144DDAD797967457B662931846E8FEE6194A2655AA5B730BCBC", "AF1E7C0E7AEB6A7745DD28859766C9018DBFD2ECD10FE9D39C7EEB35939A2141", "AFDFD85F2CF1D11E09505DD0597E9BCE253A4C4F2F99EBAF3B1A1745134605D2", "B02898F5DB2F42071BF277510F68D2650C6DD60CF0E9459DC2212351C49BE536", "B2A50DF3EC1594620E8A37ADF929CB730D5142281927CA3F2AE3C4F02F910D8B", "B2B33DC1DCAEC07D9F9164E0AD1390F5BFB58C4EE2BDF74B976625E39A9F5AF0", "B348869423AD305EF06F6125D94B0E67CA250BD5CE95B618BA3D6BA8C942DBCD", "B376697D94C07F1504F6F7CC76592D72B72271660B20A0E84E7E783B78E070E2", "B4307BBCBC3DD291CCC612B78E3395FFE15AAD33019D4926B0AFCE945EA4DAF2", "B661B0438E88E8CDB0D4BD901FE6861511AA0E05853E89B58F30744224999717", "B66677A1BD8D9453D69C8E1A5746D71CC62D2A2637642EF06D24334BFCCFC701", "B6AA74EA99EECE9CC41B3D78500D5544DC95E9EE137B3C3E0A3E086BFDDB3728", "B6EBC8701CCD64D9EEAA77298F908890F7F39F36DE2671D50F47F6DA74BC09D0", "B70C9E6980463EEC68E10566B4D27E6DC8D97EBCAD158C0E75138FCC18A9AEDF", "B7D7C09AA3957447FD5B3D3BD6AAD56CD3C7645746D04D52839C4B2817CED9A1", "B7D99DF4C04CF5F3A2B3D2119C254ABE8CDD229DB7014A05C47081E83C530B8F", "B7F4BCF65DF491688895B4FB198ADC71AA5257509A70F1E45DD1EE57F9850073", "B810CEED30AD5267543A02D3C0053BA8EF77FFA1864849FBAC26FC29B478A564", "B812D770D5313C7BE37CB4E928ED1042C22296FD500CC30DFA3CDF191C68E91F", "B8629798C0A7620E8722910704639F897428736B6273CD66CBC1FC799BBB38DA", "B86CEE37B83CD69883781CA56A5772F2BD6870EE4E45F936C2CEDF4BF127CD29", "B9AB86AEE61CF04F76A80CDD8EE0B44FE9A81E116E3529C7E44E567056EB3D80", "B9DC7F9EA8A7F598E977D6C4705A97293978D3EFC9B6C892C5C9242468160ABB", "BA94F29D34B47AB849ACE2ECA6639B2684B79642CB80A82CD534A63C9C789BCB", "BBD1373A8600487139D329F2FA19580348F9267EDE96F1D1EDBC5F565E2AC2A9", "BC56BBDCEBAF6A23E7C9C80CFBE8779EACC0B0F1692AE90EF664D0ED35A32362", "BED3DC99A05AE750F4F593EB125F4248D2818A07A4634FCC899E8A45EE49E86F", "BF4171FFF49CC8203A49900BDC100D2C73B3101AEA612FC46C31E0A0163CDB26", "BFD3B2B780AE5E2B57758FF9D1854E539D0BDD7480D41CE99BA69E3C8264005C", "C06037486063080DAF0903578E651F281F08105507F07A61B0292AD4FC96B7DB", "C068B8A2AB2B7E48544D2C63A4D6C93FBFB43DBC5DBA9FD09D18876430BED7C4", "C0BC1250C49C29390CF8AC6B8872B237162737B6D5DE2C395306410229DA6241", "C22CC0C04AA48102CB2EBEF5AD691FDAD7FE1267768536619BBE66401698B809", "C246517FD5FC9B1778BB785CAC7D486CDCEA75F5110BBBA5A13F9E54060B3EE8", "C2D6F29054FFB056410CE1D3348427B6C8F3350992A5BC7838FB4A2522A0AC53", "C2E7B2FB82954B11A11B223CC0C7E98DDDEF0A0EECC58174B03028843424CC21", "C43D2CB156B7BD39FC113EAD22568306F95463D3E29CC3A697EB085F142533BB", "C60289D204614CD6F487491D985F924542C108BE5DDA61A136A99A5BF2EE3F15", "C6780300E3EFD7F6811EECD650C04D87FD052560A5F1FA302479AFF8AA4F7FDC", "C76EFBF0D3D0F60E228E7715D5DF48E931C5D7C581861A2601AF18536FBAA2F2", "C7CA4AD457791E2D3B67B08D6D72EF50B8941E87682531AB2588997FF1A297D1", "C80170FAE7512B62E4673479961CB718244CFCF6A1208F745C7FAB97070967EE", "C8805CB7A9877952E3B667A528AE49619053A2D7DB5F1F65CA2C84C382A15EAE", "C9392554200379AD1B651B7062D43E6DE91F890D7B000CB90FEAC912B97F65E0", "C941A2D7630C1EEC15E80BE6D862CE593ECABDE4BC36E967811030825C92AE29", "C94FA5B814B5C8CED4EF0BD333AAC9F5F4C221953147AE5B04E4D5E1DF4F2621", "C9DE4845305DF0F83378929053ED892F37959591039ECF2D78BF547B6F112585", "CA19F27B7B5D1CB15793BCCE486CDDED61422BB533553A14C7DE21B1CF23EC63", "CA22EB6E856EBA35EEBB4E26E9399464F4765FC62AB8D4A61DDCD6F4EFCCCD56", "CA3C9AADA39680360DAEA4E8792E1017895CFD055E35AC85B4646686615108DA", "CAF4F131B056322632E184F88C392A4D4BD298973E16C03EB3C9150BCE36A230", "CB0135AB911F30D9436937FD90C15E22A61271E183234CBB7E0F2CCE44E471F0", "CB92DC1510EBC9060E44F55862FFB6CB81DD09F06428FE3EB248282A760D051A", "CBC2A9244197F2ACC0CF00342164A1A2CE3A5F6DB6AA0614CE31E04BB5A850FE", "CD847AA2D918F405653E96EDA503981783E0C61CC01DE2C7DF28C431A6B2E2AF", "CE7B09FDAB4AD52C4D2DF48D876D11F77AB8D075D2126DF86BCFAB3FD1F6D522", "CEA8FEBEBD755E25CDC9DE7E215C4927313FC37724C74ECF67875E57EFC04C4B", "CEF60AD20CB0AB9D5B4D09462D34BDC6009659176F9352CDDE3170E9D8AF536F", "D0E9A6FEA2999AD188DFACA4CDB52E09ADE22AA518CBD8BB87F91A5E6058C8B4", "D150682EF9FF403C35F28AC5DA53AD20574DBAB12EA934E2B1380D5F993369F1", "D194D58E0A1A30A0734C8FE6DA58EC7FC6797984D1E7201650FDE265591EEC82", "D1CB85104D6425EADABAF28CF6CF9EB9A90389B1D6AFFC5FE976A773A70523CD", "D1EE65B724C053B8C531DB8F905A57DF1D402D875E50E3E22DD86A5856E65A9D", "D2A8C45D22C5E13178B6FB7AC0806A276070B9610D455DB9839CFF431430E0CF", "D414FED16B358AD7FE6B00E67C7AA1DB43FD19DDFB901B5F7ABA9F0E20BEB6EC", "D480A38A7712C84D266B19C13CDB65AF8265DF0829266A2BBDBE7B4DC7F24A2D", "D48F5D967CAB789B94C7E1D084F92F01492F6ACFBE7DCFCADD9E3FE725B16F75", "D501AA96184B435A2D60A8F803DC9159803C412606F9F51F17CA8F3DB64573EA", "D51F886DF649B193D2BF4BFCA1F548FB3C4B30713C8B0376CBF061D3C52C1959", "D5F5876D51E1333B156D6BAB7A3B9B711BB9B026AF79134525B9F927D3CE884B", "D5F8A3BA57336D5F62EBAB5F06D1D880AA261067D1F9397FC2C96564014EBFBA", "D749198CFA398E3FE70DB177828133BCFDE49DD1D6A4B6CD094FCE9101F991A4", "D794EA27CA7E3FF8825CDCEFF3439F08F1C4C2B94C2E54C22629BF94087D371F", "D84A315927CDCC76EE52B7A8C46EBE9BAE83FFF61DD96BB0878488DEEB1F74F1", "D9796BED4A99D7BD7ED887217368BE5705A58E6AA2F835F4FEFBF0DBADDB1EC7", "D97E37A745DB2512107E87728912D2EFC89637D90ED73E2D6D8B5A58DAF46874", "D9E8D125D2A5D32BB22B755D0193D28F3F5DE0A694D5EF40ABD49E19443F4CBE", "DABA7DED974B2398189D6CD437940649E019A14178C8AB32F290EB35C8669636", "DABBBB295ACA413920B4C1690FE204BE1D6F8B7B3D23B4AE3AAA8785B384E1B1", "DB7A8308D54D1553944435834CBC02035AE16404F635D99D721BB6312E42C062", "DB96F671D2C03801FFDB9E0404F5E6EB5CE8F28F9A4DF89501AEDFCF7E039266", "DBF2F26BFFBFD90F0247DD552B8E739897923D08BC2C900AD70014B281C12E53", "DD1E4FBBDF4FA000EDF2E286A05EA634208DB4377C6B455CD048AACE3C0B8023", "DDCF25AFD495DBD7D06398438314BF7845A2CEC74BFE45F295C9CE67BD318E39", "DEFBED52ABC2310EDCD812EAE7D66EFB050F845095358FC260D8C8294857312A", "DF8C75A7209FA73A63D8544A7076F2E21CC90EB99D45D04545A8440EE7BF633A", "DFB9520142AEF336C06B3FA4B716521D110D5E99D9BC2A26A640109027CFE1FC", "E01AE27864F5D21E9DE4882755AFD601FD4EE9EEF1B77AD913AFA5BAC1F8BF77", "E180E391C606694452D6653F47E92CB5ED0C4BF804E2799B94B1A61DC7735033", "E21F58CDC47030C2DD784162EB7B8FFCACCA9DA0FAFFAFC1997F1818F441EF03", "E2957241DF0185A99D147775C578113319A7FEAA89DDE258F97F007CFAE79E53", "E2B86254D720126A86E0D868B69F73304F67BBA828605033D214DA145B7078F4", "E362EBCBEB18984C3F95A2E9B16F0D6BCB101E27F50F764417CF1574FE5064FC", "E402E850B0A0ED68CC8F489C032E2C82FE5593322F5A7B7BEECCB0FC6CA17FE9", "E5806582B0DAC27F2443D35FC3FB403009E2DAF3AC951A21C42A0A61821276E2", "E8347ACAF81B4BEE7BCA21CC0C47E2063445B19E9FA4E4431CEF5FAB5FF7AE86", "E97DB2C954E513038435D86F5C3DF2F3BC5F825BBBAEE200529899293BB6EC72", "E9B094875CD2B5848F6A36165BCA28995E5211182785709CC0C6718B4D22F6A8", "EA309163E6ACE6113764011D3E3197FE1E69763FD0AC59DFE2E5D3923A09C474", "EB98986CD7A499E7B3FD4BC3A894075C76EE94CB629CBC03EF5AF9539CF021F0", "ECBF7E6796EA20DB32604144C1F5C387D94E458633E334BCB850DC2A3074CDD5", "ED03174EE315C44093FFE14B8A8A378A735CD4B9C7251ABBBD3B039C1F3A3365", "ED45B3D03432EA991E20FCFB7B9FD0CD25D3E1B834197F239D900E5975F863A2", "ED5493758E1BB2264B2528B7BFDF7459C01FEC351EDA1D8EA5F345B3F0121AD0", "ED62C6A9130D805B355424183F2EB171EFE8C06E3395C0A786CA74FC0BAA7CD7", "ED9F7166CA202FBB1ADD92EED36739FD82AC9A77977822834C24101F8A3B7247", "EE2468CD17C505EFE46ACE480E96AF3AAC6DA75749FBAE6939594509060AB1FB", "EE3562F2436AE977B19689784E345CCDE7552541F8EFE79A721ED9EAEAFB7B04", "EE37479462F01037AB22B8458CF90E2CE68C1E4E010B90E5EDAE704DA0E61FEE", "EE767F9EEED76E1E7A6FC85B28C5327A34900CC397BB24BACB771E57929F9C21", "EE8D3A0FEFA67706787A5BC66641D09B2650AEC307F61637154D7B7341BF2EB2", "EEB59CE81E88B6CE10F98C4A8F591D138F5BEAC293A1860A47F8A0A043ECDD49", "EED7ED86612FAEF9F63E54348F81A1C160DDDB83ED4BF292A6E7281AD00953CB", "EF0B8ABDDF0182AD0AB63DBD4F3EA0B3769B57CF195F94A299C8DFE53DDE410A", "F0F6B314EFF00F10A24D71AC701C8D020FAE17292397195CFCABDAC91A29CD99", "F171D1A128ED9F033A8E4EB7F107F3B0F58ABA4074ACD771E59F004AAC676A0A", "F1ACA7677CBADD7EB2F77410BEC77A5BE4340E5609BD8EA49D889EC532D0AA0D", "F1B3634B8733584864D98B4C436B7290E24275D03ABB8EEFDD4B8AA27AF04574", "F1DEFDA80AF9B0EC8C35A77C1709DF957B4AED3F06AB99EC107A50CF223F775D", "F3F782D7C52FB7EDB2E3360618EA58B1F3470CCF5FC14BCA7DB46A5535A7293A", "F4188E3B827097B5726FE571691C7D8BDE2707668C61436452DE873879AB6FA6", "F4CA880341B94608CA96ABB2752E8B1E313AAF497D8551E7FBFF02076E793142", "F745D009EF3FE6831CECA9A1D44514DBC86EA321DB5659536F06E0B84BF5D5E9", "FA48F62E2F5783F3CABC5A76766A828B81C059C212D573DFEAE20DCDB15D2FAF", "FB1EF057645CD6C66B67DB30B94D4510D250282D407B58DA9A74BC13D66607E8", "FB2510ED4A5C005DB02475B1EDEA3395FA7B2D514DC6415C30E7661A2D9EA587", "FB7B2826853A6CC1030773078566846653AB764C17AD1202D6C43D2C1ACE6068", "FCE07050809EDF0FDD5519879C9E4BCB128AC13A84C2716F0B87AC89A1907CD6", "FDE6500490C37F84426E1A226E3FA6011785039410CC7854F07C25294831EF00", "FE28B8898498A227E2220C2F9647F725699EEA511DFACC3A1387E05664F8B1CE", "FE5A75E2674E3A954976CA7480FE30450BFC40F47930B14A81EBD11A3AB87FD2", "FEE6EC0B73ED9775B73ABBAC77CFAD7CF021EEADE10C31C04CBACE45F6BFC8EF", "FF3F29668BE4D6882AF3E5839478943112087112E84607128EAD1ECE117A1F67"]}, {"type": "kaspersky", "idList": ["KLA11582", "KLA11646", "KLA11753"]}, {"type": "mageia", "idList": ["MGASA-2019-0302", "MGASA-2020-0069", "MGASA-2020-0182"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1316.NASL", "AL2_ALAS-2020-1387.NASL", "AL2_ALAS-2020-1396.NASL", "AL2_ALAS-2020-1403.NASL", "AL2_ALAS-2020-1410.NASL", "AL2_ALAS-2020-1421.NASL", "AL2_ALAS-2020-1424.NASL", "ALA_ALAS-2020-1330.NASL", "ALA_ALAS-2020-1345.NASL", "ALA_ALAS-2020-1354.NASL", "ALA_ALAS-2020-1365.NASL", "AMAZON_CORRETTO_11_0_5_10_1.NASL", "AMAZON_CORRETTO_11_0_6_10_1.NASL", "AMAZON_CORRETTO_11_0_7_10_1.NASL", "AMAZON_CORRETTO_8_232_09_1.NASL", "AMAZON_CORRETTO_8_242_07_1.NASL", "AMAZON_CORRETTO_8_252_09_1.NASL", "CENTOS8_RHSA-2019-3134.NASL", "CENTOS8_RHSA-2019-3135.NASL", "CENTOS8_RHSA-2020-0128.NASL", "CENTOS8_RHSA-2020-0202.NASL", "CENTOS8_RHSA-2020-1514.NASL", "CENTOS8_RHSA-2020-1515.NASL", "CENTOS_RHSA-2019-3127.NASL", "CENTOS_RHSA-2019-3128.NASL", "CENTOS_RHSA-2019-3136.NASL", "CENTOS_RHSA-2020-0122.NASL", "CENTOS_RHSA-2020-0157.NASL", "CENTOS_RHSA-2020-0196.NASL", "CENTOS_RHSA-2020-0541.NASL", "CENTOS_RHSA-2020-0632.NASL", "CENTOS_RHSA-2020-1506.NASL", "CENTOS_RHSA-2020-1507.NASL", "CENTOS_RHSA-2020-1508.NASL", "CENTOS_RHSA-2020-1509.NASL", "CENTOS_RHSA-2020-1512.NASL", "DEBIAN_DLA-2023.NASL", "DEBIAN_DLA-2128.NASL", "DEBIAN_DLA-2193.NASL", "DEBIAN_DSA-4546.NASL", "DEBIAN_DSA-4548.NASL", "DEBIAN_DSA-4605.NASL", "DEBIAN_DSA-4621.NASL", "DEBIAN_DSA-4662.NASL", "DEBIAN_DSA-4668.NASL", "EULEROS_SA-2020-1307.NASL", "EULEROS_SA-2020-1395.NASL", "EULEROS_SA-2020-1581.NASL", "EULEROS_SA-2020-1604.NASL", "EULEROS_SA-2020-2146.NASL", "EULEROS_SA-2020-2249.NASL", "EULEROS_SA-2020-2351.NASL", "EULEROS_SA-2020-2352.NASL", "EULEROS_SA-2021-1078.NASL", "EULEROS_SA-2021-1310.NASL", "EULEROS_SA-2021-2300.NASL", "EULEROS_SA-2022-2616.NASL", "FEDORA_2020-21CA991B3B.NASL", "FEDORA_2020-A60AD9D4EC.NASL", "GENTOO_GLSA-202006-22.NASL", "GENTOO_GLSA-202101-19.NASL", "GENTOO_GLSA-202209-15.NASL", "IBM_JAVA_2019_10_15.NASL", "IBM_JAVA_2020_01_14.NASL", "IBM_JAVA_2020_04_14.NASL", "MCAFEE_EPO_SB10332.NASL", "NEWSTART_CGSL_NS-SA-2019-0213_JAVA-1.8.0-OPENJDK.NASL", "NEWSTART_CGSL_NS-SA-2020-0022_JAVA-1_8_0-OPENJDK.NASL", "NEWSTART_CGSL_NS-SA-2020-0048_JAVA-1_7_0-OPENJDK.NASL", "NEWSTART_CGSL_NS-SA-2020-0051_JAVA-1_8_0-OPENJDK.NASL", "NUTANIX_NXSA-AOS-5_10_10.NASL", "NUTANIX_NXSA-AOS-5_11_2_1.NASL", "NUTANIX_NXSA-AOS-5_11_3.NASL", "NUTANIX_NXSA-AOS-5_15_3.NASL", "NUTANIX_NXSA-AOS-5_16_1.NASL", "NUTANIX_NXSA-AOS-5_16_1_1.NASL", "NUTANIX_NXSA-AOS-5_17.NASL", "NUTANIX_NXSA-AOS-5_17_1.NASL", "NUTANIX_NXSA-AOS-5_18.NASL", "OPENJDK_2019-10-15.NASL", "OPENJDK_2020-01-14.NASL", "OPENJDK_2020-04-14.NASL", "OPENSUSE-2019-2557.NASL", "OPENSUSE-2019-2565.NASL", "OPENSUSE-2019-2687.NASL", "OPENSUSE-2020-113.NASL", "OPENSUSE-2020-147.NASL", "OPENSUSE-2020-757.NASL", "OPENSUSE-2020-800.NASL", "ORACLELINUX_ELSA-2019-3127.NASL", "ORACLELINUX_ELSA-2019-3128.NASL", "ORACLELINUX_ELSA-2019-3136.NASL", "ORACLELINUX_ELSA-2020-0122.NASL", "ORACLELINUX_ELSA-2020-0128.NASL", "ORACLELINUX_ELSA-2020-0157.NASL", "ORACLELINUX_ELSA-2020-0196.NASL", "ORACLELINUX_ELSA-2020-0202.NASL", "ORACLELINUX_ELSA-2020-0541.NASL", "ORACLELINUX_ELSA-2020-0632.NASL", "ORACLELINUX_ELSA-2020-1506.NASL", "ORACLELINUX_ELSA-2020-1507.NASL", "ORACLELINUX_ELSA-2020-1508.NASL", "ORACLELINUX_ELSA-2020-1509.NASL", "ORACLELINUX_ELSA-2020-1512.NASL", "ORACLELINUX_ELSA-2020-1514.NASL", "ORACLELINUX_ELSA-2020-1515.NASL", "ORACLE_JAVA_CPU_APR_2020.NASL", "ORACLE_JAVA_CPU_APR_2020_UNIX.NASL", "ORACLE_JAVA_CPU_JAN_2020.NASL", "ORACLE_JAVA_CPU_JAN_2020_UNIX.NASL", "ORACLE_JAVA_CPU_OCT_2019.NASL", "ORACLE_JAVA_CPU_OCT_2019_UNIX.NASL", "PHOTONOS_PHSA-2020-1_0-0290_OPENJDK.NASL", "PHOTONOS_PHSA-2020-1_0-0290_OPENJDK11.NASL", "PHOTONOS_PHSA-2020-2_0-0235_OPENJDK11.NASL", "PHOTONOS_PHSA-2020-2_0-0235_OPENJDK8.NASL", "PHOTONOS_PHSA-2020-3_0-0083_OPENJDK8.NASL", "PHOTONOS_PHSA-2020-3_0-0084_OPENJDK11.NASL", "REDHAT-RHSA-2019-3127.NASL", "REDHAT-RHSA-2019-3128.NASL", "REDHAT-RHSA-2019-3134.NASL", "REDHAT-RHSA-2019-3135.NASL", "REDHAT-RHSA-2019-3136.NASL", "REDHAT-RHSA-2020-0122.NASL", "REDHAT-RHSA-2020-0128.NASL", "REDHAT-RHSA-2020-0157.NASL", "REDHAT-RHSA-2020-0196.NASL", "REDHAT-RHSA-2020-0202.NASL", "REDHAT-RHSA-2020-0231.NASL", "REDHAT-RHSA-2020-0232.NASL", "REDHAT-RHSA-2020-0541.NASL", "REDHAT-RHSA-2020-0632.NASL", "REDHAT-RHSA-2020-1506.NASL", "REDHAT-RHSA-2020-1507.NASL", "REDHAT-RHSA-2020-1508.NASL", "REDHAT-RHSA-2020-1509.NASL", "REDHAT-RHSA-2020-1512.NASL", "REDHAT-RHSA-2020-1514.NASL", "REDHAT-RHSA-2020-1515.NASL", "REDHAT-RHSA-2020-1516.NASL", "REDHAT-RHSA-2020-1517.NASL", "REDHAT-RHSA-2020-2236.NASL", "REDHAT-RHSA-2020-2237.NASL", "REDHAT-RHSA-2020-2238.NASL", "REDHAT-RHSA-2020-2239.NASL", "REDHAT-RHSA-2020-2241.NASL", "SL_20191016_JAVA_11_OPENJDK_ON_SL7_X.NASL", "SL_20191016_JAVA_1_8_0_OPENJDK_ON_SL7_X.NASL", "SL_20191018_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL", "SL_20200116_JAVA_11_OPENJDK_ON_SL7_X.NASL", "SL_20200121_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL", "SL_20200122_JAVA_1_8_0_OPENJDK_ON_SL7_X.NASL", "SL_20200218_JAVA_1_7_0_OPENJDK_ON_SL7_X.NASL", "SL_20200227_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL", "SL_20200421_JAVA_11_OPENJDK_ON_SL7_X.NASL", "SL_20200421_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL", "SL_20200421_JAVA_1_7_0_OPENJDK_ON_SL7_X.NASL", "SL_20200421_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL", "SL_20200421_JAVA_1_8_0_OPENJDK_ON_SL7_X.NASL", "SUSE_SU-2019-2998-1.NASL", "SUSE_SU-2019-3083-1.NASL", "SUSE_SU-2019-3084-1.NASL", "SUSE_SU-2019-3238-1.NASL", "SUSE_SU-2020-0025-1.NASL", "SUSE_SU-2020-0140-1.NASL", "SUSE_SU-2020-0213-1.NASL", "SUSE_SU-2020-0231-1.NASL", "SUSE_SU-2020-0261-1.NASL", "SUSE_SU-2020-0628-1.NASL", "SUSE_SU-2020-14398-1.NASL", "SUSE_SU-2020-1511-1.NASL", "SUSE_SU-2020-1569-1.NASL", "SUSE_SU-2020-1569-2.NASL", "SUSE_SU-2020-1571-1.NASL", "SUSE_SU-2020-1572-1.NASL", "SUSE_SU-2020-1683-1.NASL", "SUSE_SU-2020-1684-1.NASL", "SUSE_SU-2020-1685-1.NASL", "SUSE_SU-2020-1686-1.NASL", "UBUNTU_USN-4223-1.NASL", "UBUNTU_USN-4257-1.NASL", "UBUNTU_USN-4337-1.NASL", "VIRTUOZZO_VZLSA-2019-3128.NASL", "VIRTUOZZO_VZLSA-2019-3136.NASL", "WEBSPHERE_6201862.NASL", "WEBSPHERE_CVE-2019-4720.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704546", "OPENVAS:1361412562310704548", "OPENVAS:1361412562310704605", "OPENVAS:1361412562310704621", "OPENVAS:1361412562310704662", "OPENVAS:1361412562310704668", "OPENVAS:1361412562310815638", "OPENVAS:1361412562310815640", "OPENVAS:1361412562310815899", "OPENVAS:1361412562310816603", "OPENVAS:1361412562310816855", "OPENVAS:1361412562310816858", "OPENVAS:1361412562310816859", "OPENVAS:1361412562310816861", "OPENVAS:1361412562310844279", "OPENVAS:1361412562310844315", "OPENVAS:1361412562310844402", "OPENVAS:1361412562310852786", "OPENVAS:1361412562310852874", "OPENVAS:1361412562310852897", "OPENVAS:1361412562310853015", "OPENVAS:1361412562310853022", "OPENVAS:1361412562310853192", "OPENVAS:1361412562310853208", "OPENVAS:1361412562310853227", "OPENVAS:1361412562310877801", "OPENVAS:1361412562310877831", "OPENVAS:1361412562310877883", "OPENVAS:1361412562310883120", "OPENVAS:1361412562310883121", "OPENVAS:1361412562310883123", "OPENVAS:1361412562310883164", "OPENVAS:1361412562310883173", "OPENVAS:1361412562310883175", "OPENVAS:1361412562310883182", "OPENVAS:1361412562310883192", "OPENVAS:1361412562310883222", "OPENVAS:1361412562310883224", "OPENVAS:1361412562310883228", "OPENVAS:1361412562310883230", "OPENVAS:1361412562310883231", "OPENVAS:1361412562310892023", "OPENVAS:1361412562310892128", "OPENVAS:1361412562310892193", "OPENVAS:1361412562311220201307", "OPENVAS:1361412562311220201395", "OPENVAS:1361412562311220201581", "OPENVAS:1361412562311220201604"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2020", "ORACLE:CPUJAN2020", "ORACLE:CPUOCT2019"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-3127", "ELSA-2019-3128", "ELSA-2019-3134", "ELSA-2019-3135", "ELSA-2019-3136", "ELSA-2020-0122", "ELSA-2020-0128", "ELSA-2020-0157", "ELSA-2020-0196", "ELSA-2020-0202", "ELSA-2020-0541", "ELSA-2020-0632", "ELSA-2020-1506", "ELSA-2020-1507", "ELSA-2020-1508", "ELSA-2020-1509", "ELSA-2020-1512", "ELSA-2020-1514", "ELSA-2020-1515"]}, {"type": "osv", "idList": ["OSV:DLA-2023-1", "OSV:DLA-2128-1", "OSV:DLA-2193-1", "OSV:DSA-4546-1", "OSV:DSA-4548-1", "OSV:DSA-4605-1", "OSV:DSA-4621-1", "OSV:DSA-4662-1", "OSV:DSA-4668-1"]}, {"type": "photon", "idList": ["PHSA-2020-0083", "PHSA-2020-0084", "PHSA-2020-0235", "PHSA-2020-1.0-0290", "PHSA-2020-2.0-0235", "PHSA-2020-3.0-0083", "PHSA-2020-3.0-0084"]}, {"type": "redhat", "idList": ["RHSA-2019:3127", "RHSA-2019:3128", "RHSA-2019:3134", "RHSA-2019:3135", "RHSA-2019:3136", "RHSA-2020:0122", "RHSA-2020:0128", "RHSA-2020:0157", "RHSA-2020:0196", "RHSA-2020:0202", "RHSA-2020:0231", "RHSA-2020:0232", "RHSA-2020:0541", "RHSA-2020:0556", "RHSA-2020:0632", "RHSA-2020:1506", "RHSA-2020:1507", "RHSA-2020:1508", "RHSA-2020:1509", "RHSA-2020:1512", "RHSA-2020:1514", "RHSA-2020:1515", "RHSA-2020:1516", "RHSA-2020:1517", "RHSA-2020:1938", "RHSA-2020:1942", "RHSA-2020:2054", "RHSA-2020:2236", "RHSA-2020:2237", "RHSA-2020:2238", "RHSA-2020:2239", "RHSA-2020:2241"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-2949", "RH:CVE-2020-2654", "RH:CVE-2020-2754", "RH:CVE-2020-2755", "RH:CVE-2020-2756", "RH:CVE-2020-2757", "RH:CVE-2020-2781", "RH:CVE-2020-2800", "RH:CVE-2020-2803", "RH:CVE-2020-2805", "RH:CVE-2020-2830"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2557-1", "OPENSUSE-SU-2019:2565-1", "OPENSUSE-SU-2019:2687-1", "OPENSUSE-SU-2020:0113-1", "OPENSUSE-SU-2020:0147-1", "OPENSUSE-SU-2020:0757-1", "OPENSUSE-SU-2020:0800-1", "OPENSUSE-SU-2020:0841-1"]}, {"type": "symantec", "idList": ["SMNTC-110421", "SMNTC-111505"]}, {"type": "ubuntu", "idList": ["USN-4223-1", "USN-4257-1", "USN-4337-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-2949", "UB:CVE-2020-2654", "UB:CVE-2020-2754", "UB:CVE-2020-2755", "UB:CVE-2020-2756", "UB:CVE-2020-2757", "UB:CVE-2020-2781", "UB:CVE-2020-2800", "UB:CVE-2020-2803", "UB:CVE-2020-2805", "UB:CVE-2020-2830"]}, {"type": "veracode", "idList": ["VERACODE:21712", "VERACODE:22310", "VERACODE:25171", "VERACODE:25461", "VERACODE:25462", "VERACODE:25463", "VERACODE:25464", "VERACODE:25465", "VERACODE:25466", "VERACODE:25467", "VERACODE:25468"]}]}, "affected_software": {"major_version": []}, "epss": [{"cve": "CVE-2019-2949", "epss": "0.000810000", "percentile": "0.329590000", "modified": "2023-03-19"}, {"cve": "CVE-2019-4720", "epss": "0.001280000", "percentile": "0.457880000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2654", "epss": "0.000680000", "percentile": "0.276090000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2754", "epss": "0.002270000", "percentile": "0.591710000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2755", "epss": "0.001020000", "percentile": "0.402500000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2756", "epss": "0.002270000", "percentile": "0.591450000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2757", "epss": "0.002270000", "percentile": "0.591450000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2781", "epss": "0.001020000", "percentile": "0.402500000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2800", "epss": "0.000760000", "percentile": "0.310570000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2803", "epss": "0.001190000", "percentile": "0.444450000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2805", "epss": "0.001190000", "percentile": "0.444450000", "modified": "2023-03-19"}, {"cve": "CVE-2020-2830", "epss": "0.001770000", "percentile": "0.531260000", "modified": "2023-03-19"}, {"cve": "CVE-2020-4329", "epss": "0.000760000", "percentile": "0.307020000", "modified": "2023-03-19"}], "vulnersScore": 0.9}, "_state": {"dependencies": 1677534856, "score": 1677534787, "affected_software_major_version": 1677535305, "epss": 1679303187}, "_internal": {"score_hash": "3fda002db43f3dbe1f2475d59b574352"}, "affectedSoftware": [{"version": "any", "operator": "eq", "name": "ibm websphere application server in ibm cloud"}]}

{"nessus": [{"lastseen": "2023-01-25T14:37:31", "description": "This update for java-1_8_0-ibm fixes the following issues :\n\njava-1_8_0-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 (bsc#1172277,bsc#1169511,bsc#1160968)\n\nCVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service\n\nCVE-2020-2754: Forwarded references to Nashorn\n\nCVE-2020-2755: Improved Nashorn matching\n\nCVE-2020-2756: Improved mapping of serial ENUMs\n\nCVE-2020-2757: Less Blocking Array Queues\n\nCVE-2020-2781: Improved TLS session handling\n\nCVE-2020-2800: Improved Headings for HTTP Servers\n\nCVE-2020-2803: Enhanced buffering of byte buffers\n\nCVE-2020-2805: Enhanced typing of methods\n\nCVE-2020-2830: Improved Scanner conversions\n\nCVE-2019-2949: Fixed an issue which could have resulted in unauthorized access to critical data\n\nAdded RSA PSS SUPPORT TO IBMPKCS11IMPL\n\nThe pack200 and unpack200 alternatives should be slaves of java (bsc#1171352).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:1684-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2949", "CVE-2020-2654", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_8_0-ibm", "p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-alsa", "p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-devel", "p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-plugin", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-1684-1.NASL", "href": "https://www.tenable.com/plugins/nessus/138279", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1684-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138279);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2019-2949\",\n \"CVE-2020-2654\",\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2020:1684-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for java-1_8_0-ibm fixes the following issues :\n\njava-1_8_0-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10\n(bsc#1172277,bsc#1169511,bsc#1160968)\n\nCVE-2020-2654: Fixed an issue which could have resulted in\nunauthorized ability to cause a partial denial of service\n\nCVE-2020-2754: Forwarded references to Nashorn\n\nCVE-2020-2755: Improved Nashorn matching\n\nCVE-2020-2756: Improved mapping of serial ENUMs\n\nCVE-2020-2757: Less Blocking Array Queues\n\nCVE-2020-2781: Improved TLS session handling\n\nCVE-2020-2800: Improved Headings for HTTP Servers\n\nCVE-2020-2803: Enhanced buffering of byte buffers\n\nCVE-2020-2805: Enhanced typing of methods\n\nCVE-2020-2830: Improved Scanner conversions\n\nCVE-2019-2949: Fixed an issue which could have resulted in\nunauthorized access to critical data\n\nAdded RSA PSS SUPPORT TO IBMPKCS11IMPL\n\nThe pack200 and unpack200 alternatives should be slaves of java\n(bsc#1171352).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-2949/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2654/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2754/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2755/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2756/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2757/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2781/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2800/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2803/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2830/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201684-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6da5b9fd\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-1684=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-1684=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2020-1684=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Legacy-15-SP1-2020-1684=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-alsa-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-plugin-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-ibm-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-ibm-devel-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-ibm-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-ibm-devel-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-alsa-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-plugin-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-ibm-1.8.0_sr6.10-3.38.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-ibm-devel-1.8.0_sr6.10-3.38.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-ibm\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:38:29", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2237 advisory.\n\n - OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949)\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-20T00:00:00", "type": "nessus", "title": "RHEL 7 : java-1.8.0-ibm (RHSA-2020:2237)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2949", "CVE-2020-2654", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-jdbc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-src:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-2237.NASL", "href": "https://www.tenable.com/plugins/nessus/136736", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2237. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136736);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2019-2949\",\n \"CVE-2020-2654\",\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:2237\");\n script_xref(name:\"IAVA\", value:\"2019-A-0385\");\n\n script_name(english:\"RHEL 7 : java-1.8.0-ibm (RHSA-2020:2237)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2237 advisory.\n\n - OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949)\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)\n (CVE-2020-2654)\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)\n (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-2949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2237\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1761594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1791217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823200\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400, 522, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-src\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-plugin-1.8.0.6.10-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-ibm / java-1.8.0-ibm-demo / java-1.8.0-ibm-devel / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-27T14:31:54", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2241 advisory.\n\n - OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949)\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-20T00:00:00", "type": "nessus", "title": "RHEL 8 : java-1.8.0-ibm (RHSA-2020:2241)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2949", "CVE-2020-2654", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_aus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:8.2:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-jdbc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-src:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-headless:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-webstart:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_aus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_aus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:8.6:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-2241.NASL", "href": "https://www.tenable.com/plugins/nessus/136738", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2241. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136738);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2019-2949\",\n \"CVE-2020-2654\",\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:2241\");\n script_xref(name:\"IAVA\", value:\"2019-A-0385\");\n\n script_name(english:\"RHEL 8 : java-1.8.0-ibm (RHSA-2020:2241)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2241 advisory.\n\n - OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949)\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)\n (CVE-2020-2654)\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)\n (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-2949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2241\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1761594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1791217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823200\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400, 522, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-webstart\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-headless-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-headless-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-plugin-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-webstart-1.8.0.6.10-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-headless-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-headless-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-plugin-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-webstart-1.8.0.6.10-1.el8_2', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-headless-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-headless-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-plugin-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-webstart-1.8.0.6.10-1.el8_2', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1.el8_2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1.el8_2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1.el8_2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-headless-1.8.0.6.10-1.el8_2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-headless-1.8.0.6.10-1.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1.el8_2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-plugin-1.8.0.6.10-1.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1.el8_2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-webstart-1.8.0.6.10-1.el8_2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-ibm / java-1.8.0-ibm-demo / java-1.8.0-ibm-devel / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:38:28", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2239 advisory.\n\n - OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949)\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-20T00:00:00", "type": "nessus", "title": "RHEL 6 : java-1.8.0-ibm (RHSA-2020:2239)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2949", "CVE-2020-2654", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:6.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-jdbc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-ibm-src:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_els:6:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-2239.NASL", "href": "https://www.tenable.com/plugins/nessus/136740", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2239. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136740);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2019-2949\",\n \"CVE-2020-2654\",\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:2239\");\n script_xref(name:\"IAVA\", value:\"2019-A-0385\");\n\n script_name(english:\"RHEL 6 : java-1.8.0-ibm (RHSA-2020:2239)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2239 advisory.\n\n - OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949)\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)\n (CVE-2020-2654)\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)\n (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-2949\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2239\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1761594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1791217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823200\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400, 522, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_els:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-ibm-src\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/client/6/6Client/i386/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/os',\n 'content/dist/rhel/client/6/6Client/i386/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/os',\n 'content/dist/rhel/client/6/6Client/i386/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/os',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/os',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/os',\n 'content/dist/rhel/client/6/6Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/os',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/optional/debug',\n 'content/dist/rhel/server/6/6Server/i386/optional/os',\n 'content/dist/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/os',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/os',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/os',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/os',\n 'content/els/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/os',\n 'content/els/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/os',\n 'content/els/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/debug',\n 'content/fastrack/rhel/client/6/i386/optional/debug',\n 'content/fastrack/rhel/client/6/i386/optional/os',\n 'content/fastrack/rhel/client/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/os',\n 'content/fastrack/rhel/client/6/i386/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/os',\n 'content/fastrack/rhel/client/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/os',\n 'content/fastrack/rhel/client/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/os',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/os',\n 'content/fastrack/rhel/server/6/i386/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/os',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/optional/debug',\n 'content/fastrack/rhel/server/6/i386/optional/os',\n 'content/fastrack/rhel/server/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/server/6/x86_64/hpn/os',\n 'content/fastrack/rhel/server/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/os',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/optional/debug',\n 'content/fastrack/rhel/server/6/x86_64/optional/os',\n 'content/fastrack/rhel/server/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/os',\n 'content/fastrack/rhel/workstation/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/os',\n 'content/fastrack/rhel/workstation/6/i386/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-ibm-1.8.0.6.10-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-demo-1.8.0.6.10-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-devel-1.8.0.6.10-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-jdbc-1.8.0.6.10-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-plugin-1.8.0.6.10-1jpp.1.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-plugin-1.8.0.6.10-1jpp.1.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-ibm-src-1.8.0.6.10-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-ibm / java-1.8.0-ibm-demo / java-1.8.0-ibm-devel / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:38:50", "description": "This update for java-1_8_0-ibm fixes the following issues :\n\njava-1_8_0-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10 (bsc#1172277,bsc#1169511,bsc#1160968)\n\nCVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service\n\nCVE-2020-2754: Forwarded references to Nashorn\n\nCVE-2020-2755: Improved Nashorn matching\n\nCVE-2020-2756: Improved mapping of serial ENUMs\n\nCVE-2020-2757: Less Blocking Array Queues\n\nCVE-2020-2781: Improved TLS session handling\n\nCVE-2020-2800: Improved Headings for HTTP Servers\n\nCVE-2020-2803: Enhanced buffering of byte buffers\n\nCVE-2020-2805: Enhanced typing of methods\n\nCVE-2020-2830: Improved Scanner conversions\n\nCVE-2019-2949: Fixed an issue which could have resulted in unauthorized access to critical data\n\nAdded RSA PSS SUPPORT TO IBMPKCS11IMPL\n\nThe pack200 and unpack200 alternatives should be slaves of java (bsc#1171352).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2020:1685-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2949", "CVE-2020-2654", "CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_8_0-ibm", "p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-alsa", "p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-devel", "p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-plugin", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1685-1.NASL", "href": "https://www.tenable.com/plugins/nessus/138280", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1685-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138280);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2019-2949\",\n \"CVE-2020-2654\",\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2020:1685-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for java-1_8_0-ibm fixes the following issues :\n\njava-1_8_0-ibm was updated to Java 8.0 Service Refresh 6 Fix Pack 10\n(bsc#1172277,bsc#1169511,bsc#1160968)\n\nCVE-2020-2654: Fixed an issue which could have resulted in\nunauthorized ability to cause a partial denial of service\n\nCVE-2020-2754: Forwarded references to Nashorn\n\nCVE-2020-2755: Improved Nashorn matching\n\nCVE-2020-2756: Improved mapping of serial ENUMs\n\nCVE-2020-2757: Less Blocking Array Queues\n\nCVE-2020-2781: Improved TLS session handling\n\nCVE-2020-2800: Improved Headings for HTTP Servers\n\nCVE-2020-2803: Enhanced buffering of byte buffers\n\nCVE-2020-2805: Enhanced typing of methods\n\nCVE-2020-2830: Improved Scanner conversions\n\nCVE-2019-2949: Fixed an issue which could have resulted in\nunauthorized access to critical data\n\nAdded RSA PSS SUPPORT TO IBMPKCS11IMPL\n\nThe pack200 and unpack200 alternatives should be slaves of java\n(bsc#1171352).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160968\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-2949/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2654/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2754/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2755/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2756/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2757/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2781/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2800/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2803/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2830/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201685-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0d5390ef\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-1685=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-1685=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-1685=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1685=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1685=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-1685=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-1685=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1685=1\n\nSUSE Linux Enterprise Server 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1685=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-1685=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-1685=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-1685=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-1685=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-1685=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-1685=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-alsa-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-plugin-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-ibm-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-ibm-devel-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-alsa-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-plugin-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-ibm-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-ibm-devel-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-alsa-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-plugin-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-ibm-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-ibm-devel-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-alsa-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"java-1_8_0-ibm-plugin-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-ibm-1.8.0_sr6.10-30.69.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-ibm-devel-1.8.0_sr6.10-30.69.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-ibm\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-24T14:48:44", "description": "The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14398-1 advisory.\n\n - Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2654)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2756, CVE-2020-2757)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2781)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded:\n 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). (CVE-2020-2800)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). (CVE-2020-2803, CVE-2020-2805)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2020:14398-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2654", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_7_1-ibm", "p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-alsa", "p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-devel", "p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-jdbc", "p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-plugin", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2020-14398-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150573", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2020:14398-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150573);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2020-2654\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2020:14398-1\");\n\n script_name(english:\"SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2020:14398-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2020:14398-1 advisory.\n\n - Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are\n affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows\n unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service\n (partial DOS) of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the\n specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as\n through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2654)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through\n sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying\n data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed\n Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2756, CVE-2020-2757)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported\n versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java\n SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause\n a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server\n deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and\n sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web\n service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2781)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP\n Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded:\n 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well\n as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This\n vulnerability can only be exploited by supplying data to APIs in the specified Component without using\n Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0\n Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). (CVE-2020-2800)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported\n versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\n exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other\n than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly\n impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE,\n Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running\n sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,\n code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not\n apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed\n by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). (CVE-2020-2803, CVE-2020-2805)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through\n sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying\n data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed\n Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1169511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1172277\");\n # https://lists.suse.com/pipermail/sle-security-updates/2020-June/006965.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?215b57f9\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'java-1_7_1-ibm-1.7.1_sr4.65-26.55', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'java-1_7_1-ibm-alsa-1.7.1_sr4.65-26.55', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'java-1_7_1-ibm-alsa-1.7.1_sr4.65-26.55', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'java-1_7_1-ibm-devel-1.7.1_sr4.65-26.55', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'java-1_7_1-ibm-jdbc-1.7.1_sr4.65-26.55', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'java-1_7_1-ibm-plugin-1.7.1_sr4.65-26.55', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'java-1_7_1-ibm-plugin-1.7.1_sr4.65-26.55', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'java-1_7_1-ibm-1.7.1_sr4.65-26.55', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'java-1_7_1-ibm-alsa-1.7.1_sr4.65-26.55', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'java-1_7_1-ibm-alsa-1.7.1_sr4.65-26.55', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'java-1_7_1-ibm-devel-1.7.1_sr4.65-26.55', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'java-1_7_1-ibm-jdbc-1.7.1_sr4.65-26.55', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'java-1_7_1-ibm-plugin-1.7.1_sr4.65-26.55', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'},\n {'reference':'java-1_7_1-ibm-plugin-1.7.1_sr4.65-26.55', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1_7_1-ibm / java-1_7_1-ibm-alsa / java-1_7_1-ibm-devel / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:36:57", "description": "This update for java-1_7_1-ibm fixes the following issues :\n\njava-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 65 (bsc#1172277 and bsc#1169511)\n\nCVE-2020-2654: Fixed an issue which could have resulted in unauthorized ability to cause a partial denial of service\n\nCVE-2020-2756: Improved mapping of serial ENUMs\n\nCVE-2020-2757: Less Blocking Array Queues\n\nCVE-2020-2781: Improved TLS session handling\n\nCVE-2020-2800: Improved Headings for HTTP Servers\n\nCVE-2020-2803: Enhanced buffering of byte buffers\n\nCVE-2020-2805: Enhanced typing of methods\n\nCVE-2020-2830: Improved Scanner conversions\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2020:1683-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2654", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_7_1-ibm", "p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-alsa", "p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-devel", "p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-jdbc", "p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-plugin", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1683-1.NASL", "href": "https://www.tenable.com/plugins/nessus/138278", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1683-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138278);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-2654\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2020:1683-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for java-1_7_1-ibm fixes the following issues :\n\njava-1_7_1-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 65\n(bsc#1172277 and bsc#1169511)\n\nCVE-2020-2654: Fixed an issue which could have resulted in\nunauthorized ability to cause a partial denial of service\n\nCVE-2020-2756: Improved mapping of serial ENUMs\n\nCVE-2020-2757: Less Blocking Array Queues\n\nCVE-2020-2781: Improved TLS session handling\n\nCVE-2020-2800: Improved Headings for HTTP Servers\n\nCVE-2020-2803: Enhanced buffering of byte buffers\n\nCVE-2020-2805: Enhanced typing of methods\n\nCVE-2020-2830: Improved Scanner conversions\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172277\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2654/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2756/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2757/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2781/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2800/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2803/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2830/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201683-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e20b7dbe\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-1683=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-1683=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-1683=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1683=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1683=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-1683=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-1683=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1683=1\n\nSUSE Linux Enterprise Server 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1683=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-1683=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-1683=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-1683=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-1683=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-1683=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-1683=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-alsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_1-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"java-1_7_1-ibm-alsa-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"java-1_7_1-ibm-plugin-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_1-ibm-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_1-ibm-devel-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_1-ibm-jdbc-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_7_1-ibm-alsa-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"java-1_7_1-ibm-plugin-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_1-ibm-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_1-ibm-devel-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_1-ibm-jdbc-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_7_1-ibm-alsa-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"java-1_7_1-ibm-plugin-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_1-ibm-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_1-ibm-devel-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_1-ibm-jdbc-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"java-1_7_1-ibm-alsa-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"java-1_7_1-ibm-plugin-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_1-ibm-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_1-ibm-devel-1.7.1_sr4.65-38.53.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_1-ibm-jdbc-1.7.1_sr4.65-38.53.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_7_1-ibm\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:38:11", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2236 advisory.\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-20T00:00:00", "type": "nessus", "title": "RHEL 6 : java-1.7.1-ibm (RHSA-2020:2236)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2654", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:6.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-jdbc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-src:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_els:6:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-2236.NASL", "href": "https://www.tenable.com/plugins/nessus/136739", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2236. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136739);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-2654\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:2236\");\n\n script_name(english:\"RHEL 6 : java-1.7.1-ibm (RHSA-2020:2236)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2236 advisory.\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)\n (CVE-2020-2654)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1791217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_els:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-src\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/client/6/6Client/i386/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/os',\n 'content/dist/rhel/client/6/6Client/i386/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/os',\n 'content/dist/rhel/client/6/6Client/i386/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/os',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/os',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/os',\n 'content/dist/rhel/client/6/6Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/os',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/optional/debug',\n 'content/dist/rhel/server/6/6Server/i386/optional/os',\n 'content/dist/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/os',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/os',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/os',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/os',\n 'content/els/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/os',\n 'content/els/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/os',\n 'content/els/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/debug',\n 'content/fastrack/rhel/client/6/i386/optional/debug',\n 'content/fastrack/rhel/client/6/i386/optional/os',\n 'content/fastrack/rhel/client/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/os',\n 'content/fastrack/rhel/client/6/i386/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/os',\n 'content/fastrack/rhel/client/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/os',\n 'content/fastrack/rhel/client/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/os',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/os',\n 'content/fastrack/rhel/server/6/i386/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/os',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/optional/debug',\n 'content/fastrack/rhel/server/6/i386/optional/os',\n 'content/fastrack/rhel/server/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/server/6/x86_64/hpn/os',\n 'content/fastrack/rhel/server/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/os',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/optional/debug',\n 'content/fastrack/rhel/server/6/x86_64/optional/os',\n 'content/fastrack/rhel/server/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/os',\n 'content/fastrack/rhel/workstation/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/os',\n 'content/fastrack/rhel/workstation/6/i386/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-plugin-1.7.1.4.65-1jpp.1.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-plugin-1.7.1.4.65-1jpp.1.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.7.1-ibm / java-1.7.1-ibm-demo / java-1.7.1-ibm-devel / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:38:44", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2238 advisory.\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-20T00:00:00", "type": "nessus", "title": "RHEL 7 : java-1.7.1-ibm (RHSA-2020:2238)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2654", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-jdbc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-plugin:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.1-ibm-src:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-2238.NASL", "href": "https://www.tenable.com/plugins/nessus/136735", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2238. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136735);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-2654\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:2238\");\n\n script_name(english:\"RHEL 7 : java-1.7.1-ibm (RHSA-2020:2238)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2238 advisory.\n\n - OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037)\n (CVE-2020-2654)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2654\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2238\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1791217\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.1-ibm-src\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-1.7.1.4.65-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-demo-1.7.1.4.65-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-devel-1.7.1.4.65-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-jdbc-1.7.1.4.65-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-plugin-1.7.1.4.65-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.1-ibm-src-1.7.1.4.65-1jpp.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.7.1-ibm / java-1.7.1-ibm-demo / java-1.7.1-ibm-devel / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:35:06", "description": "This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues :\n\nCVE-2020-2754: Forward references to Nashorn (bsc#1169511)\n\nCVE-2020-2755: Improve Nashorn matching (bsc#1169511)\n\nCVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\nCVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\nCVE-2020-2773: Better signatures in XML (bsc#1169511)\n\nCVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\nCVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\nCVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\nCVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\nCVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\nIgnore whitespaces after the header or footer in PEM X.509 cert (bsc#1171352)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-06-18T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:1569-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-1569-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137598", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1569-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137598);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:1569-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for java-1_8_0-openjdk to version jdk8u252 fixes the\nfollowing issues :\n\nCVE-2020-2754: Forward references to Nashorn (bsc#1169511)\n\nCVE-2020-2755: Improve Nashorn matching (bsc#1169511)\n\nCVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\nCVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\nCVE-2020-2773: Better signatures in XML (bsc#1169511)\n\nCVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\nCVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\nCVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\nCVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\nCVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\nIgnore whitespaces after the header or footer in PEM X.509 cert\n(bsc#1171352)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160398\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2754/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2755/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2756/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2757/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2773/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2781/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2800/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2803/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2830/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201569-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2161ab99\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-1569=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-1569=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Legacy-15-SP1-2020-1569=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-demo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-devel-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-headless-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-demo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-devel-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-headless-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-3.35.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:32:20", "description": "From Red Hat Security Advisory 2020:1512 :\n\nThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1512 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2020-1512)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:java-1.8.0-openjdk", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-accessibility", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-accessibility-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-zip", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-zip-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src-debug", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2020-1512.NASL", "href": "https://www.tenable.com/plugins/nessus/135953", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1512 and \n# Oracle Linux Security Advisory ELSA-2020-1512 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135953);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1512\");\n script_xref(name:\"IAVA\", value:\"2020-A-0134-S\");\n\n script_name(english:\"Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2020-1512)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2020:1512 :\n\nThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1512 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check\n in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in\n regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to\n uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in\n ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by\n DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,\n 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new\n connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer\n (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers\n (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in\n MethodType.readObject() (Libraries, 8235274)\n (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency,\n 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2020-April/009854.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.8.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-accessibility-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-zip-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-accessibility-debug-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el7_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:37:55", "description": "From Red Hat Security Advisory 2020:1515 :\n\nThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1515 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : java-1.8.0-openjdk (ELSA-2020-1515)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:java-1.8.0-openjdk", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-accessibility", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-zip", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2020-1515.NASL", "href": "https://www.tenable.com/plugins/nessus/135956", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1515 and \n# Oracle Linux Security Advisory ELSA-2020-1515 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135956);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1515\");\n script_xref(name:\"IAVA\", value:\"2020-A-0134-S\");\n\n script_name(english:\"Oracle Linux 8 : java-1.8.0-openjdk (ELSA-2020-1515)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2020:1515 :\n\nThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1515 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check\n in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in\n regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to\n uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in\n ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by\n DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,\n 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new\n connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer\n (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers\n (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in\n MethodType.readObject() (Libraries, 8235274)\n (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency,\n 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2020-April/009862.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.8.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:34:41", "description": "Update to OpenJDK 8u252 (April Critical Patch Update)\n\n - JDK-8223898, CVE-2020-2754: Forward references to Nashorn\n\n - JDK-8223904, CVE-2020-2755: Improve Nashorn matching\n\n - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs\n\n - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues\n\n - JDK-8225603: Enhancement for big integers\n\n - JDK-8227542: Manifest improved jar headers\n\n - JDK-8231415, CVE-2020-2773: Better signatures in XML\n\n - JDK-8233250: Better X11 rendering\n\n - JDK-8233410: Better Build Scripting\n\n - JDK-8234027: Better JCEKS key support\n\n - JDK-8234408, CVE-2020-2781: Improve TLS session handling\n\n - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers\n\n - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers\n\n - JDK-8235274, CVE-2020-2805: Enhance typing of methods\n\n - JDK-8236201, CVE-2020-2830: Better Scanner conversions\n\n - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap\n\nFull release notes: https://bitly.com/oj8u252\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-13T00:00:00", "type": "nessus", "title": "Fedora 30 : 1:java-1.8.0-openjdk (2020-21ca991b3b)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:java-1.8.0-openjdk", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2020-21CA991B3B.NASL", "href": "https://www.tenable.com/plugins/nessus/136531", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-21ca991b3b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136531);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2020-2754\", \"CVE-2020-2755\", \"CVE-2020-2756\", \"CVE-2020-2757\", \"CVE-2020-2773\", \"CVE-2020-2781\", \"CVE-2020-2800\", \"CVE-2020-2803\", \"CVE-2020-2805\", \"CVE-2020-2830\");\n script_xref(name:\"FEDORA\", value:\"2020-21ca991b3b\");\n\n script_name(english:\"Fedora 30 : 1:java-1.8.0-openjdk (2020-21ca991b3b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to OpenJDK 8u252 (April Critical Patch Update)\n\n - JDK-8223898, CVE-2020-2754: Forward references to\n Nashorn\n\n - JDK-8223904, CVE-2020-2755: Improve Nashorn matching\n\n - JDK-8224541, CVE-2020-2756: Better mapping of serial\n ENUMs\n\n - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues\n\n - JDK-8225603: Enhancement for big integers\n\n - JDK-8227542: Manifest improved jar headers\n\n - JDK-8231415, CVE-2020-2773: Better signatures in XML\n\n - JDK-8233250: Better X11 rendering\n\n - JDK-8233410: Better Build Scripting\n\n - JDK-8234027: Better JCEKS key support\n\n - JDK-8234408, CVE-2020-2781: Improve TLS session handling\n\n - JDK-8234825, CVE-2020-2800: Better Headings for HTTP\n Servers\n\n - JDK-8234841, CVE-2020-2803: Enhance buffering of byte\n buffers\n\n - JDK-8235274, CVE-2020-2805: Enhance typing of methods\n\n - JDK-8236201, CVE-2020-2830: Better Scanner conversions\n\n - JDK-8238960: linux-i586 builds are inconsistent as the\n newly build jdk is not able to reserve enough space for\n object heap\n\nFull release notes: https://bitly.com/oj8u252\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bitly.com/oj8u252\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-21ca991b3b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:java-1.8.0-openjdk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-0.fc30\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:java-1.8.0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:34:01", "description": "Update to OpenJDK 8u252 (April Critical Patch Update)\n\n - JDK-8223898, CVE-2020-2754: Forward references to Nashorn\n\n - JDK-8223904, CVE-2020-2755: Improve Nashorn matching\n\n - JDK-8224541, CVE-2020-2756: Better mapping of serial ENUMs\n\n - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues\n\n - JDK-8225603: Enhancement for big integers\n\n - JDK-8227542: Manifest improved jar headers\n\n - JDK-8231415, CVE-2020-2773: Better signatures in XML\n\n - JDK-8233250: Better X11 rendering\n\n - JDK-8233410: Better Build Scripting\n\n - JDK-8234027: Better JCEKS key support\n\n - JDK-8234408, CVE-2020-2781: Improve TLS session handling\n\n - JDK-8234825, CVE-2020-2800: Better Headings for HTTP Servers\n\n - JDK-8234841, CVE-2020-2803: Enhance buffering of byte buffers\n\n - JDK-8235274, CVE-2020-2805: Enhance typing of methods\n\n - JDK-8236201, CVE-2020-2830: Better Scanner conversions\n\n - JDK-8238960: linux-i586 builds are inconsistent as the newly build jdk is not able to reserve enough space for object heap\n\nFull release notes: https://bitly.com/oj8u252\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-18T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:java-1.8.0-openjdk (2020-a60ad9d4ec)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:java-1.8.0-openjdk", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-A60AD9D4EC.NASL", "href": "https://www.tenable.com/plugins/nessus/136682", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-a60ad9d4ec.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136682);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2020-2754\", \"CVE-2020-2755\", \"CVE-2020-2756\", \"CVE-2020-2757\", \"CVE-2020-2773\", \"CVE-2020-2781\", \"CVE-2020-2800\", \"CVE-2020-2803\", \"CVE-2020-2805\", \"CVE-2020-2830\");\n script_xref(name:\"FEDORA\", value:\"2020-a60ad9d4ec\");\n\n script_name(english:\"Fedora 31 : 1:java-1.8.0-openjdk (2020-a60ad9d4ec)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to OpenJDK 8u252 (April Critical Patch Update)\n\n - JDK-8223898, CVE-2020-2754: Forward references to\n Nashorn\n\n - JDK-8223904, CVE-2020-2755: Improve Nashorn matching\n\n - JDK-8224541, CVE-2020-2756: Better mapping of serial\n ENUMs\n\n - JDK-8224549, CVE-2020-2757: Less Blocking Array Queues\n\n - JDK-8225603: Enhancement for big integers\n\n - JDK-8227542: Manifest improved jar headers\n\n - JDK-8231415, CVE-2020-2773: Better signatures in XML\n\n - JDK-8233250: Better X11 rendering\n\n - JDK-8233410: Better Build Scripting\n\n - JDK-8234027: Better JCEKS key support\n\n - JDK-8234408, CVE-2020-2781: Improve TLS session handling\n\n - JDK-8234825, CVE-2020-2800: Better Headings for HTTP\n Servers\n\n - JDK-8234841, CVE-2020-2803: Enhance buffering of byte\n buffers\n\n - JDK-8235274, CVE-2020-2805: Enhance typing of methods\n\n - JDK-8236201, CVE-2020-2830: Better Scanner conversions\n\n - JDK-8238960: linux-i586 builds are inconsistent as the\n newly build jdk is not able to reserve enough space for\n object heap\n\nFull release notes: https://bitly.com/oj8u252\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bitly.com/oj8u252\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-a60ad9d4ec\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 1:java-1.8.0-openjdk package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-0.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:java-1.8.0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-24T14:24:35", "description": "This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues :\n\n - CVE-2020-2754: Forward references to Nashorn (bsc#1169511)\n\n - CVE-2020-2755: Improve Nashorn matching (bsc#1169511)\n\n - CVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\n - CVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\n - CVE-2020-2773: Better signatures in XML (bsc#1169511)\n\n - CVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\n - CVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\n - CVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\n - CVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\n - CVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\n - Ignore whitespaces after the header or footer in PEM X.509 cert (bsc#1171352)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-800)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:java-1_8_0-openjdk", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-accessibility", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debuginfo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debugsource", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo-debuginfo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless-debuginfo", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-javadoc", "p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-src", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-800.NASL", "href": "https://www.tenable.com/plugins/nessus/138678", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-800.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138678);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-2754\", \"CVE-2020-2755\", \"CVE-2020-2756\", \"CVE-2020-2757\", \"CVE-2020-2773\", \"CVE-2020-2781\", \"CVE-2020-2800\", \"CVE-2020-2803\", \"CVE-2020-2805\", \"CVE-2020-2830\");\n\n script_name(english:\"openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2020-800)\");\n script_summary(english:\"Check for the openSUSE-2020-800 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for java-1_8_0-openjdk to version jdk8u252 fixes the\nfollowing issues :\n\n - CVE-2020-2754: Forward references to Nashorn\n (bsc#1169511)\n\n - CVE-2020-2755: Improve Nashorn matching (bsc#1169511)\n\n - CVE-2020-2756: Better mapping of serial ENUMs\n (bsc#1169511)\n\n - CVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\n - CVE-2020-2773: Better signatures in XML (bsc#1169511)\n\n - CVE-2020-2781: Improve TLS session handling\n (bsc#1169511)\n\n - CVE-2020-2800: Better Headings for HTTP Servers\n (bsc#1169511)\n\n - CVE-2020-2803: Enhance buffering of byte buffers\n (bsc#1169511)\n\n - CVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\n - CVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\n - Ignore whitespaces after the header or footer in PEM\n X.509 cert (bsc#1171352)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1160398\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1169511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1171352\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected java-1_8_0-openjdk packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:java-1_8_0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-accessibility-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-demo-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-devel-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-headless-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-javadoc-1.8.0.252-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"java-1_8_0-openjdk-src-1.8.0.252-lp151.2.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:38:16", "description": "This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues :\n\nCVE-2020-2754: Forward references to Nashorn (bsc#1169511)\n\nCVE-2020-2755: Improve Nashorn matching (bsc#1169511)\n\nCVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\nCVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\nCVE-2020-2773: Better signatures in XML (bsc#1169511)\n\nCVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\nCVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\nCVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\nCVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\nCVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\nIgnore whitespaces after the header or footer in PEM X.509 cert (bsc#1171352)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-15T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:1569-2)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-1569-2.NASL", "href": "https://www.tenable.com/plugins/nessus/138491", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1569-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138491);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:1569-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for java-1_8_0-openjdk to version jdk8u252 fixes the\nfollowing issues :\n\nCVE-2020-2754: Forward references to Nashorn (bsc#1169511)\n\nCVE-2020-2755: Improve Nashorn matching (bsc#1169511)\n\nCVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\nCVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\nCVE-2020-2773: Better signatures in XML (bsc#1169511)\n\nCVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\nCVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\nCVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\nCVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\nCVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\nIgnore whitespaces after the header or footer in PEM X.509 cert\n(bsc#1171352)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160398\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171352\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2754/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2755/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2756/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2757/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2773/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2781/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2800/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2803/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2830/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201569-2\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fd2454b7\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2020-1569=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-demo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-devel-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-headless-1.8.0.252-3.35.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-3.35.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:37:55", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1506 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "RHEL 6 : java-1.8.0-openjdk (RHSA-2020:1506)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:6.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-demo-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-devel-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-headless:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-headless-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-src:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-src-debug:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_els:6:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-1506.NASL", "href": "https://www.tenable.com/plugins/nessus/135776", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1506. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135776);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1506\");\n\n script_name(english:\"RHEL 6 : java-1.8.0-openjdk (RHSA-2020:1506)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1506 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)\n (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415)\n (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2773\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823200\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_els:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-demo-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-devel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-headless-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-src-debug\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/client/6/6Client/i386/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/debug',\n 'content/dist/rhel/client/6/6Client/i386/optional/os',\n 'content/dist/rhel/client/6/6Client/i386/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/os',\n 'content/dist/rhel/client/6/6Client/i386/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/os',\n 'content/dist/rhel/client/6/6Client/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/os',\n 'content/dist/rhel/client/6/6Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/6/6Client/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/os',\n 'content/dist/rhel/client/6/6Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/6/6Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/os',\n 'content/dist/rhel/server/6/6Server/i386/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/i386/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/optional/debug',\n 'content/dist/rhel/server/6/6Server/i386/optional/os',\n 'content/dist/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/i386/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/os',\n 'content/dist/rhel/server/6/6Server/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/6/6Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/os',\n 'content/dist/rhel/server/6/6Server/x86_64/hpn/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/os',\n 'content/dist/rhel/server/6/6Server/x86_64/loadbalancer/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/os',\n 'content/dist/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/6/6Server/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/6/6Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/os',\n 'content/dist/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/server/6/6Server/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/6/6Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/i386/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/oracle-java-rm/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/scalablefilesystem/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/6/6Workstation/x86_64/supplementary/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/debug',\n 'content/els/rhel/server/6/6Server/i386/optional/os',\n 'content/els/rhel/server/6/6Server/i386/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/i386/os',\n 'content/els/rhel/server/6/6Server/i386/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/debug',\n 'content/els/rhel/server/6/6Server/x86_64/optional/os',\n 'content/els/rhel/server/6/6Server/x86_64/optional/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap-hana/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/sap/debug',\n 'content/els/rhel/server/6/6Server/x86_64/sap/os',\n 'content/els/rhel/server/6/6Server/x86_64/sap/source/SRPMS',\n 'content/els/rhel/server/6/6Server/x86_64/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/debug',\n 'content/fastrack/rhel/client/6/i386/optional/debug',\n 'content/fastrack/rhel/client/6/i386/optional/os',\n 'content/fastrack/rhel/client/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/i386/os',\n 'content/fastrack/rhel/client/6/i386/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/debug',\n 'content/fastrack/rhel/client/6/x86_64/optional/os',\n 'content/fastrack/rhel/client/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/6/x86_64/os',\n 'content/fastrack/rhel/client/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/os',\n 'content/fastrack/rhel/computenode/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/computenode/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/computenode/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/debug',\n 'content/fastrack/rhel/server/6/i386/highavailability/os',\n 'content/fastrack/rhel/server/6/i386/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/os',\n 'content/fastrack/rhel/server/6/i386/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/optional/debug',\n 'content/fastrack/rhel/server/6/i386/optional/os',\n 'content/fastrack/rhel/server/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/os',\n 'content/fastrack/rhel/server/6/i386/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/i386/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/6/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/hpn/debug',\n 'content/fastrack/rhel/server/6/x86_64/hpn/os',\n 'content/fastrack/rhel/server/6/x86_64/hpn/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/debug',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/os',\n 'content/fastrack/rhel/server/6/x86_64/loadbalancer/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/optional/debug',\n 'content/fastrack/rhel/server/6/x86_64/optional/os',\n 'content/fastrack/rhel/server/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/6/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/server/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/server/6/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/debug',\n 'content/fastrack/rhel/workstation/6/i386/optional/os',\n 'content/fastrack/rhel/workstation/6/i386/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/i386/os',\n 'content/fastrack/rhel/workstation/6/i386/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/6/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/debug',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/os',\n 'content/fastrack/rhel/workstation/6/x86_64/scalablefilesystem/source/SRPMS',\n 'content/fastrack/rhel/workstation/6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el6_10', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:31:52", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1512 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "RHEL 7 : java-1.8.0-openjdk (RHSA-2020:1512)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-accessibility:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-headless:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc-zip:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-src:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-1512.NASL", "href": "https://www.tenable.com/plugins/nessus/135775", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1512. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135775);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1512\");\n\n script_name(english:\"RHEL 7 : java-1.8.0-openjdk (RHSA-2020:1512)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1512 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)\n (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415)\n (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2773\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823200\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/os',\n 'content/dist/rhel-alt/server/7/7Server/armv8-a/aarch64/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:32:41", "description": "From Red Hat Security Advisory 2020:1506 :\n\nThe remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1506 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2020-1506)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:java-1.8.0-openjdk", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-debug", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src", "p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src-debug", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2020-1506.NASL", "href": "https://www.tenable.com/plugins/nessus/135884", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1506 and \n# Oracle Linux Security Advisory ELSA-2020-1506 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135884);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1506\");\n script_xref(name:\"IAVA\", value:\"2020-A-0134-S\");\n\n script_name(english:\"Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2020-1506)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2020:1506 :\n\nThe remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1506 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check\n in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in\n regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to\n uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in\n ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by\n DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,\n 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new\n connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer\n (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers\n (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in\n MethodType.readObject() (Libraries, 8235274)\n (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency,\n 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2020-April/009851.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.8.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-demo-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-devel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-headless-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-javadoc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.8.0-openjdk-src-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:37:13", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1516 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "RHEL 8 : java-1.8.0-openjdk (RHSA-2020:1516)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:rhel_e4s:8.0:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-accessibility:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-headless:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc-zip:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-src:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-1516.NASL", "href": "https://www.tenable.com/plugins/nessus/135909", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1516. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135909);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1516\");\n\n script_name(english:\"RHEL 8 : java-1.8.0-openjdk (RHSA-2020:1516)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1516 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)\n (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415)\n (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2773\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823200\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.0')) audit(AUDIT_OS_NOT, 'Red Hat 8.0', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.0/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.0/x86_64/appstream/os',\n 'content/e4s/rhel8/8.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.0/x86_64/baseos/os',\n 'content/e4s/rhel8/8.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.0/x86_64/sap/debug',\n 'content/e4s/rhel8/8.0/x86_64/sap/os',\n 'content/e4s/rhel8/8.0/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el8_0', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_0', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_0', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_0', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_0', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_0', 'sp':'0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_0', 'sp':'0', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_0', 'sp':'0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:32:15", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1506 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-28T00:00:00", "type": "nessus", "title": "CentOS 6 : java-1.8.0-openjdk (CESA-2020:1506)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:centos:centos:java-1.8.0-openjdk", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-debug", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-src", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-src-debug", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2020-1506.NASL", "href": "https://www.tenable.com/plugins/nessus/136018", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:1506 and \n# CentOS Errata and Security Advisory 2020:1506 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136018);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1506\");\n\n script_name(english:\"CentOS 6 : java-1.8.0-openjdk (CESA-2020:1506)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1506 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check\n in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in\n regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to\n uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in\n ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by\n DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,\n 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new\n connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer\n (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers\n (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in\n MethodType.readObject() (Libraries, 8235274)\n (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency,\n 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2020-April/035702.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2f70b8e4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.8.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-src-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:33:07", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1512 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-01T00:00:00", "type": "nessus", "title": "CentOS 7 : java-1.8.0-openjdk (CESA-2020:1512)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:centos:centos:java-1.8.0-openjdk", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-accessibility", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-zip", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-src", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2020-1512.NASL", "href": "https://www.tenable.com/plugins/nessus/136198", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2020:1512 and \n# CentOS Errata and Security Advisory 2020:1512 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136198);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1512\");\n\n script_name(english:\"CentOS 7 : java-1.8.0-openjdk (CESA-2020:1512)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1512 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check\n in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in\n regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to\n uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in\n ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by\n DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,\n 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new\n connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer\n (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers\n (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in\n MethodType.readObject() (Libraries, 8235274)\n (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency,\n 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2020-April/035706.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cce0bf74\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.8.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:34:40", "description": "Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2756)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\n(CVE-2020-2755)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\n(CVE-2020-2830)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).\n(CVE-2020-2803)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\n(CVE-2020-2754)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\n(CVE-2020-2781)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded:\n8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note:\nThis vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service.\nCVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2773)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2773)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2757)\n\nA flaw was found in the way the readObject() method of the MethodType class in the Libraries component of OpenJDK checked argument types.\nThis flaw allows an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2020-2805)", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-05-07T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2020-1421)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:java-1.8.0-openjdk", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-accessibility", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-accessibility-debug", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-debug", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-debuginfo", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-demo", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-demo-debug", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-devel", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-devel-debug", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-headless", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-headless-debug", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc-debug", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc-zip", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc-zip-debug", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-src", "p-cpe:/a:amazon:linux:java-1.8.0-openjdk-src-debug", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1421.NASL", "href": "https://www.tenable.com/plugins/nessus/136364", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1421.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136364);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"ALAS\", value:\"2020-1421\");\n\n script_name(english:\"Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2020-1421)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Vulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Serialization). Supported versions that are affected\nare Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker\nwith network access via multiple protocols to compromise Java SE, Java\nSE Embedded. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a partial denial of service (partial\nDOS) of Java SE, Java SE Embedded. Note: Applies to client and server\ndeployment of Java. This vulnerability can be exploited through\nsandboxed Java Web Start applications and sandboxed Java applets. It\ncan also be exploited by supplying data to APIs in the specified\nComponent without using sandboxed Java Web Start applications or\nsandboxed Java applets, such as through a web service. CVSS 3.0 Base\nScore 3.7 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2756)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Scripting). Supported versions that are affected are\nJava SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\nexploit vulnerability allows unauthenticated attacker with network\naccess via multiple protocols to compromise Java SE, Java SE Embedded.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a partial denial of service (partial DOS) of Java SE,\nJava SE Embedded. Note: Applies to client and server deployment of\nJava. This vulnerability can be exploited through sandboxed Java Web\nStart applications and sandboxed Java applets. It can also be\nexploited by supplying data to APIs in the specified Component without\nusing sandboxed Java Web Start applications or sandboxed Java applets,\nsuch as through a web service. CVSS 3.0 Base Score 3.7 (Availability\nimpacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\n(CVE-2020-2755)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Concurrency). Supported versions that are affected are\nJava SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily\nexploitable vulnerability allows unauthenticated attacker with network\naccess via multiple protocols to compromise Java SE, Java SE Embedded.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a partial denial of service (partial DOS) of Java SE,\nJava SE Embedded. Note: Applies to client and server deployment of\nJava. This vulnerability can be exploited through sandboxed Java Web\nStart applications and sandboxed Java applets. It can also be\nexploited by supplying data to APIs in the specified Component without\nusing sandboxed Java Web Start applications or sandboxed Java applets,\nsuch as through a web service. CVSS 3.0 Base Score 5.3 (Availability\nimpacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\n(CVE-2020-2830)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Libraries). Supported versions that are affected are\nJava SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker\nwith network access via multiple protocols to compromise Java SE, Java\nSE Embedded. Successful attacks require human interaction from a\nperson other than the attacker and while the vulnerability is in Java\nSE, Java SE Embedded, attacks may significantly impact additional\nproducts. Successful attacks of this vulnerability can result in\ntakeover of Java SE, Java SE Embedded. Note: This vulnerability\napplies to Java deployments, typically in clients running sandboxed\nJava Web Start applications or sandboxed Java applets, that load and\nrun untrusted code (e.g., code that comes from the internet) and rely\non the Java sandbox for security. This vulnerability does not apply to\nJava deployments, typically in servers, that load and run only trusted\ncode (e.g., code installed by an administrator). CVSS 3.0 Base Score\n8.3 (Confidentiality, Integrity and Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).\n(CVE-2020-2803)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Scripting). Supported versions that are affected are\nJava SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\nexploit vulnerability allows unauthenticated attacker with network\naccess via multiple protocols to compromise Java SE, Java SE Embedded.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a partial denial of service (partial DOS) of Java SE,\nJava SE Embedded. Note: Applies to client and server deployment of\nJava. This vulnerability can be exploited through sandboxed Java Web\nStart applications and sandboxed Java applets. It can also be\nexploited by supplying data to APIs in the specified Component without\nusing sandboxed Java Web Start applications or sandboxed Java applets,\nsuch as through a web service. CVSS 3.0 Base Score 3.7 (Availability\nimpacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\n(CVE-2020-2754)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: JSSE). Supported versions that are affected are Java\nSE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily\nexploitable vulnerability allows unauthenticated attacker with network\naccess via HTTPS to compromise Java SE, Java SE Embedded. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a partial denial of service (partial DOS) of Java SE, Java SE\nEmbedded. Note: Applies to client and server deployment of Java. This\nvulnerability can be exploited through sandboxed Java Web Start\napplications and sandboxed Java applets. It can also be exploited by\nsupplying data to APIs in the specified Component without using\nsandboxed Java Web Start applications or sandboxed Java applets, such\nas through a web service. CVSS 3.0 Base Score 5.3 (Availability\nimpacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\n(CVE-2020-2781)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Lightweight HTTP Server). Supported versions that are\naffected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded:\n8u241. Difficult to exploit vulnerability allows unauthenticated\nattacker with network access via multiple protocols to compromise Java\nSE, Java SE Embedded. Successful attacks of this vulnerability can\nresult in unauthorized update, insert or delete access to some of Java\nSE, Java SE Embedded accessible data as well as unauthorized read\naccess to a subset of Java SE, Java SE Embedded accessible data. Note:\nThis vulnerability can only be exploited by supplying data to APIs in\nthe specified Component without using Untrusted Java Web Start\napplications or Untrusted Java applets, such as through a web service.\nCVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Security). Supported versions that are affected are\nJava SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker\nwith network access via multiple protocols to compromise Java SE, Java\nSE Embedded. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a partial denial of service (partial\nDOS) of Java SE, Java SE Embedded. Note: Applies to client and server\ndeployment of Java. This vulnerability can be exploited through\nsandboxed Java Web Start applications and sandboxed Java applets. It\ncan also be exploited by supplying data to APIs in the specified\nComponent without using sandboxed Java Web Start applications or\nsandboxed Java applets, such as through a web service. CVSS 3.0 Base\nScore 3.7 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2773)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Serialization). Supported versions that are affected\nare Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker\nwith network access via multiple protocols to compromise Java SE, Java\nSE Embedded. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a partial denial of service (partial\nDOS) of Java SE, Java SE Embedded. Note: Applies to client and server\ndeployment of Java. This vulnerability can be exploited through\nsandboxed Java Web Start applications and sandboxed Java applets. It\ncan also be exploited by supplying data to APIs in the specified\nComponent without using sandboxed Java Web Start applications or\nsandboxed Java applets, such as through a web service. CVSS 3.0 Base\nScore 3.7 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2773)\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java\nSE (component: Serialization). Supported versions that are affected\nare Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker\nwith network access via multiple protocols to compromise Java SE, Java\nSE Embedded. Successful attacks of this vulnerability can result in\nunauthorized ability to cause a partial denial of service (partial\nDOS) of Java SE, Java SE Embedded. Note: Applies to client and server\ndeployment of Java. This vulnerability can be exploited through\nsandboxed Java Web Start applications and sandboxed Java applets. It\ncan also be exploited by supplying data to APIs in the specified\nComponent without using sandboxed Java Web Start applications or\nsandboxed Java applets, such as through a web service. CVSS 3.0 Base\nScore 3.7 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2757)\n\nA flaw was found in the way the readObject() method of the MethodType\nclass in the Libraries component of OpenJDK checked argument types.\nThis flaw allows an untrusted Java application or applet to bypass\nJava sandbox restrictions. (CVE-2020-2805)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1421.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update java-1.8.0-openjdk' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-accessibility-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-demo-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-devel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-headless-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-javadoc-zip-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:java-1.8.0-openjdk-src-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-accessibility-debug-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-debug-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-demo-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-devel-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-headless-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-src-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.amzn2.0.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-03-18T14:12:34", "description": "Security Fix(es) :\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20200421)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-16T00:00:00", "cpe": ["x-cpe:2.3:o:fermilab:scientific_linux:*:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-headless:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-src:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc-zip:*:*:*:*:*:*:*"], "id": "SL_20200421_JAVA_1_8_0_OPENJDK_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/135891", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135891);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2020-2754\", \"CVE-2020-2755\", \"CVE-2020-2756\", \"CVE-2020-2757\", \"CVE-2020-2773\", \"CVE-2020-2781\", \"CVE-2020-2800\", \"CVE-2020-2803\", \"CVE-2020-2805\", \"CVE-2020-2830\");\n\n script_name(english:\"Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20200421)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers\n (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in\n MethodType.readObject() (Libraries, 8235274)\n (CVE-2020-2805)\n\n - OpenJDK: Unexpected exceptions raised by\n DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,\n 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new\n connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer\n (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency,\n 8236201) (CVE-2020-2830)\n\n - OpenJDK: Misplaced regular expression syntax error check\n in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in\n regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to\n uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in\n ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2004&L=SCIENTIFIC-LINUX-ERRATA&P=23010\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3e299e5f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el7_8\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"java-1.8.0-openjdk-src-1.8.0.252.b09-2.el7_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-03-18T14:12:34", "description": "Security Fix(es) :\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20200421)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-16T00:00:00", "cpe": ["x-cpe:2.3:o:fermilab:scientific_linux:*:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-debuginfo:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-demo-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-devel-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-headless:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-headless-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc-debug:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-src:*:*:*:*:*:*:*", "p-cpe:2.3:a:fermilab:scientific_linux:java-1.8.0-openjdk-src-debug:*:*:*:*:*:*:*"], "id": "SL_20200421_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/135890", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135890);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2020-2754\", \"CVE-2020-2755\", \"CVE-2020-2756\", \"CVE-2020-2757\", \"CVE-2020-2773\", \"CVE-2020-2781\", \"CVE-2020-2800\", \"CVE-2020-2803\", \"CVE-2020-2805\", \"CVE-2020-2830\");\n\n script_name(english:\"Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20200421)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security Fix(es) :\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers\n (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in\n MethodType.readObject() (Libraries, 8235274)\n (CVE-2020-2805)\n\n - OpenJDK: Unexpected exceptions raised by\n DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,\n 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new\n connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer\n (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency,\n 8236201) (CVE-2020-2830)\n\n - OpenJDK: Misplaced regular expression syntax error check\n in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in\n regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to\n uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in\n ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind2004&L=SCIENTIFIC-LINUX-ERRATA&P=21674\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e9b3abbf\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-demo-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-devel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-headless-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-javadoc-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:java-1.8.0-openjdk-src-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-10T14:51:29", "description": "The remote NewStart CGSL host, running version MAIN 4.05, has java-1.8.0-openjdk packages installed that are affected by multiple vulnerabilities:\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2754, CVE-2020-2755)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2756, CVE-2020-2757)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2773)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded:\n 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). (CVE-2020-2800)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2830)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). (CVE-2020-2803, CVE-2020-2805)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2781)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-10-13T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2020-0051)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-12T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0051_JAVA-1_8_0-OPENJDK.NASL", "href": "https://www.tenable.com/plugins/nessus/141408", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0051. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141408);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2020-0051)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 4.05, has java-1.8.0-openjdk packages installed that are affected by\nmultiple vulnerabilities:\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported\n versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\n exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized\n ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to\n client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as\n through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2754, CVE-2020-2755)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through\n sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying\n data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed\n Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2756, CVE-2020-2757)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported\n versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\n exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized\n ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to\n client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as\n through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2773)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP\n Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded:\n 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well\n as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This\n vulnerability can only be exploited by supplying data to APIs in the specified Component without using\n Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0\n Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). (CVE-2020-2800)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through\n sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying\n data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed\n Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2830)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported\n versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\n exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other\n than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly\n impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE,\n Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running\n sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,\n code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not\n apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed\n by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS\n Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). (CVE-2020-2803, CVE-2020-2805)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported\n versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java\n SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause\n a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server\n deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and\n sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web\n service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:\n (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). (CVE-2020-2781)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0051\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL java-1.8.0-openjdk packages. Note that updated packages may not be available yet. Please\ncontact ZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 4.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL MAIN 4.05': [\n 'java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-debuginfo-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10',\n 'java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-openjdk');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-24T14:41:00", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1515 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : java-1.8.0-openjdk (CESA-2020:1515)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:java-1.8.0-openjdk", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-accessibility", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-zip", "p-cpe:/a:centos:centos:java-1.8.0-openjdk-src"], "id": "CENTOS8_RHSA-2020-1515.NASL", "href": "https://www.tenable.com/plugins/nessus/146011", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1515. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(146011);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1515\");\n\n script_name(english:\"CentOS 8 : java-1.8.0-openjdk (CESA-2020:1515)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:1515 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)\n (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415)\n (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1515\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:java-1.8.0-openjdk-src\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:42:11", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1515 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-08-07T00:00:00", "type": "nessus", "title": "RHEL 8 : java-1.8.0-openjdk (RHSA-2020:1515)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_aus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:8.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:8.2:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-accessibility:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-headless:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc-zip:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.8.0-openjdk-src:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_aus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_aus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_eus:8.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:8.6:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-1515.NASL", "href": "https://www.tenable.com/plugins/nessus/139379", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1515. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139379);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1515\");\n\n script_name(english:\"RHEL 8 : java-1.8.0-openjdk (RHSA-2020:1515)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1515 advisory.\n\n - OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898)\n (CVE-2020-2754)\n\n - OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904)\n (CVE-2020-2755)\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415)\n (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2754\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2755\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2773\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1515\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823200\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-javadoc-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.8.0-openjdk-src\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/appstream/debug',\n 'content/eus/rhel8/8.1/aarch64/appstream/os',\n 'content/eus/rhel8/8.1/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/baseos/debug',\n 'content/eus/rhel8/8.1/aarch64/baseos/os',\n 'content/eus/rhel8/8.1/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.1/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.1/aarch64/highavailability/os',\n 'content/eus/rhel8/8.1/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.1/aarch64/supplementary/os',\n 'content/eus/rhel8/8.1/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.1/ppc64le/appstream/os',\n 'content/eus/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.1/ppc64le/baseos/os',\n 'content/eus/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.1/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.1/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/sap/debug',\n 'content/eus/rhel8/8.1/ppc64le/sap/os',\n 'content/eus/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.1/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/appstream/debug',\n 'content/eus/rhel8/8.1/s390x/appstream/os',\n 'content/eus/rhel8/8.1/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/baseos/debug',\n 'content/eus/rhel8/8.1/s390x/baseos/os',\n 'content/eus/rhel8/8.1/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.1/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/highavailability/debug',\n 'content/eus/rhel8/8.1/s390x/highavailability/os',\n 'content/eus/rhel8/8.1/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.1/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/sap/debug',\n 'content/eus/rhel8/8.1/s390x/sap/os',\n 'content/eus/rhel8/8.1/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/s390x/supplementary/debug',\n 'content/eus/rhel8/8.1/s390x/supplementary/os',\n 'content/eus/rhel8/8.1/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/appstream/debug',\n 'content/eus/rhel8/8.1/x86_64/appstream/os',\n 'content/eus/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/baseos/debug',\n 'content/eus/rhel8/8.1/x86_64/baseos/os',\n 'content/eus/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.1/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.1/x86_64/highavailability/os',\n 'content/eus/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.1/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/sap/debug',\n 'content/eus/rhel8/8.1/x86_64/sap/os',\n 'content/eus/rhel8/8.1/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.1/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.1/x86_64/supplementary/os',\n 'content/eus/rhel8/8.1/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.8.0-openjdk-1.8.0.252.b09-2.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-accessibility-1.8.0.252.b09-2.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-javadoc-zip-1.8.0.252.b09-2.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.8.0-openjdk-src-1.8.0.252.b09-2.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.8.0-openjdk / java-1.8.0-openjdk-accessibility / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T08:37:34", "description": "The version of IBM Java installed on the remote host is prior to 7.0 < 7.0.10.65 / 7.1 < 7.1.4.65 / 8.0 < 8.0.6.25. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle April 14 2020 CPU advisory.\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. (CVE-2020-2754, CVE-2020-2755)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. (CVE-2020-2756, CVE-2020-2757)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. (CVE-2020-2773)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. (CVE-2020-2781)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded:\n 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service.\n (CVE-2020-2800)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). (CVE-2020-2803, CVE-2020-2805)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-04-29T00:00:00", "type": "nessus", "title": "IBM Java 7.0 < 7.0.10.65 / 7.1 < 7.1.4.65 / 8.0 < 8.0.6.25 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/a:ibm:java"], "id": "IBM_JAVA_2020_04_14.NASL", "href": "https://www.tenable.com/plugins/nessus/160353", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160353);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0134-S\");\n\n script_name(english:\"IBM Java 7.0 < 7.0.10.65 / 7.1 < 7.1.4.65 / 8.0 < 8.0.6.25 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"IBM Java is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM Java installed on the remote host is prior to 7.0 < 7.0.10.65 / 7.1 < 7.1.4.65 / 8.0 < 8.0.6.25. It\nis, therefore, affected by multiple vulnerabilities as referenced in the Oracle April 14 2020 CPU advisory.\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported\n versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\n exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized\n ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to\n client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as\n through a web service. (CVE-2020-2754, CVE-2020-2755)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through\n sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying\n data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed\n Java applets, such as through a web service. (CVE-2020-2756, CVE-2020-2757)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported\n versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\n exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized\n ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to\n client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start\n applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the\n specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as\n through a web service. (CVE-2020-2773)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported\n versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily\n exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java\n SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause\n a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server\n deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and\n sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component\n without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web\n service. (CVE-2020-2781)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP\n Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded:\n 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well\n as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This\n vulnerability can only be exploited by supplying data to APIs in the specified Component without using\n Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service.\n (CVE-2020-2800)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported\n versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to\n exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to\n compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other\n than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly\n impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE,\n Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running\n sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g.,\n code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not\n apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed\n by an administrator). (CVE-2020-2803, CVE-2020-2805)\n\n - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency).\n Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\n Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple\n protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in\n unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded.\n Note: Applies to client and server deployment of Java. This vulnerability can be exploited through\n sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying\n data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed\n Java applets, such as through a web service. (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24362\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24363\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24364\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24365\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24366\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24367\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24368\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24369\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ24370\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg1IJ27913\");\n # https://www.ibm.com/support/pages/java-sdk-security-vulnerabilities#Oracle_April_14_2020_CPU\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e2f84678\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the Oracle April 14 2020 CPU advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:java\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ibm_java_nix_installed.nbin\", \"ibm_java_win_installed.nbin\");\n script_require_keys(\"installed_sw/Java\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_list = ['IBM Java'];\nvar app_info = vcf::java::get_app_info(app:app_list);\n\nvar constraints = [\n { 'min_version' : '7.0.0', 'fixed_version' : '7.0.10.65' },\n { 'min_version' : '7.1.0', 'fixed_version' : '7.1.4.65' },\n { 'min_version' : '8.0.0', 'fixed_version' : '8.0.6.25' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T23:55:09", "description": "The version of Amazon Corretto installed on the remote host is prior to 8 < 8.252.09.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2020-Apr-14 advisory.\n\n - core-libs/javax.script (CVE-2020-2754, CVE-2020-2755)\n\n - core-libs/java.io:serialization (CVE-2020-2756, CVE-2020-2757)\n\n - security-libs/javax.xml.crypto (CVE-2020-2773)\n\n - security-libs/java.security (CVE-2020-2781)\n\n - core-libs/java.net (CVE-2020-2800)\n\n - core-libs/java.nio (CVE-2020-2803)\n\n - core-libs/java.io (CVE-2020-2805)\n\n - core-libs/java.util (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2022-04-01T00:00:00", "type": "nessus", "title": "Amazon Corretto Java 8.x < 8.252.09.1 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-06T00:00:00", "cpe": ["cpe:/a:amazon:corretto"], "id": "AMAZON_CORRETTO_8_252_09_1.NASL", "href": "https://www.tenable.com/plugins/nessus/159410", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159410);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/06\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"Amazon Corretto Java 8.x < 8.252.09.1 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"Amazon Corretto is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Amazon Corretto installed on the remote host is prior to 8 < 8.252.09.1. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the corretto-8-2020-Apr-14 advisory.\n\n - core-libs/javax.script (CVE-2020-2754, CVE-2020-2755)\n\n - core-libs/java.io:serialization (CVE-2020-2756, CVE-2020-2757)\n\n - security-libs/javax.xml.crypto (CVE-2020-2773)\n\n - security-libs/java.security (CVE-2020-2781)\n\n - core-libs/java.net (CVE-2020-2800)\n\n - core-libs/java.nio (CVE-2020-2803)\n\n - core-libs/java.io (CVE-2020-2805)\n\n - core-libs/java.util (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://github.com/corretto/corretto-8/blob/develop/CHANGELOG.md#corretto-version-8252091\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c5059fcc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update to Amazon Corretto Java 8.252.09.1 or later\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:amazon:corretto\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"amazon_corretto_win_installed.nbin\", \"amazon_corretto_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Java\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvar app_list = ['Amazon Corretto Java'];\nvar app_info = vcf::java::get_app_info(app:app_list);\n\nvar constraints = [\n { 'min_version' : '8.0', 'fixed_version' : '8.252.09.1' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:41:16", "description": "This update for java-1_8_0-openjdk to version jdk8u252 fixes the following issues :\n\nCVE-2020-2754: Forward references to Nashorn (bsc#1169511)\n\nCVE-2020-2755: Improve Nashorn matching (bsc#1169511)\n\nCVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\nCVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\nCVE-2020-2773: Better signatures in XML (bsc#1169511)\n\nCVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\nCVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\nCVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\nCVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\nCVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:1686-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless", "p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1686-1.NASL", "href": "https://www.tenable.com/plugins/nessus/138281", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1686-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138281);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2020-2754\",\n \"CVE-2020-2755\",\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:1686-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for java-1_8_0-openjdk to version jdk8u252 fixes the\nfollowing issues :\n\nCVE-2020-2754: Forward references to Nashorn (bsc#1169511)\n\nCVE-2020-2755: Improve Nashorn matching (bsc#1169511)\n\nCVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\nCVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\nCVE-2020-2773: Better signatures in XML (bsc#1169511)\n\nCVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\nCVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\nCVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\nCVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\nCVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1160398\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2754/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2755/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2756/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2757/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2773/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2781/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2800/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2803/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2830/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201686-1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7364e113\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-1686=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-1686=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-1686=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-1686=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-1686=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1686=1\n\nSUSE Linux Enterprise Server 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1686=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-1686=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-1686=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-1686=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-1686=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-1686=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-1686=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_8_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-demo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-devel-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-headless-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-demo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-devel-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-headless-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-demo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-devel-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-headless-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-debugsource-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-demo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-demo-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-devel-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-devel-debuginfo-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-headless-1.8.0.252-27.45.6\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_8_0-openjdk-headless-debuginfo-1.8.0.252-27.45.6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_8_0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:32:50", "description": "Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in denial of service, insecure TLS handshakes, bypass of sandbox restrictions or HTTP response splitting attacks.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-30T00:00:00", "type": "nessus", "title": "Debian DSA-4668-1 : openjdk-8 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2754", "CVE-2020-2755", "CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805"], "modified": "2022-05-16T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openjdk-8", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4668.NASL", "href": "https://www.tenable.com/plugins/nessus/136125", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4668. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136125);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/16\");\n\n script_cve_id(\"CVE-2020-2754\", \"CVE-2020-2755\", \"CVE-2020-2756\", \"CVE-2020-2757\", \"CVE-2020-2773\", \"CVE-2020-2781\", \"CVE-2020-2800\", \"CVE-2020-2803\", \"CVE-2020-2805\");\n script_xref(name:\"DSA\", value:\"4668\");\n\n script_name(english:\"Debian DSA-4668-1 : openjdk-8 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several vulnerabilities have been discovered in the OpenJDK Java\nruntime, resulting in denial of service, insecure TLS handshakes,\nbypass of sandbox restrictions or HTTP response splitting attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openjdk-8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openjdk-8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4668\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the openjdk-8 packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 8u252-b09-1~deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openjdk-8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-dbg\", reference:\"8u252-b09-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-demo\", reference:\"8u252-b09-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-doc\", reference:\"8u252-b09-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jdk\", reference:\"8u252-b09-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jdk-headless\", reference:\"8u252-b09-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jre\", reference:\"8u252-b09-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jre-headless\", reference:\"8u252-b09-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-jre-zero\", reference:\"8u252-b09-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openjdk-8-source\", reference:\"8u252-b09-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:35:06", "description": "This update for java-1_7_0-openjdk to version 7u261 fixes the following issues :\n\nCVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\nCVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\nCVE-2020-2773: Better signatures in XML (bsc#1169511)\n\nCVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\nCVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\nCVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\nCVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\nCVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-06-18T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2020:1571-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk", "p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-debugsource", "p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-demo", "p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-demo-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-devel", "p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-devel-debuginfo", "p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-headless", "p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-headless-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1571-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137600", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1571-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137600);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2020:1571-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for java-1_7_0-openjdk to version 7u261 fixes the\nfollowing issues :\n\nCVE-2020-2756: Better mapping of serial ENUMs (bsc#1169511)\n\nCVE-2020-2757: Less Blocking Array Queues (bsc#1169511)\n\nCVE-2020-2773: Better signatures in XML (bsc#1169511)\n\nCVE-2020-2781: Improve TLS session handling (bsc#1169511)\n\nCVE-2020-2800: Better Headings for HTTP Servers (bsc#1169511)\n\nCVE-2020-2803: Enhance buffering of byte buffers (bsc#1169511)\n\nCVE-2020-2805: Enhance typing of methods (bsc#1169511)\n\nCVE-2020-2830: Better Scanner conversions (bsc#1169511)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169511\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2756/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2757/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2773/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2781/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2800/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2803/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-2830/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201571-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6b3b11b6\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-1571=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-1571=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-1571=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-1571=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-1571=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1571=1\n\nSUSE Linux Enterprise Server 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1571=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-1571=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-1571=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-1571=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-1571=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-1571=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-1571=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-demo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:java-1_7_0-openjdk-headless-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-debugsource-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-demo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-demo-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-devel-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-devel-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-headless-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"java-1_7_0-openjdk-headless-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-debugsource-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-demo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-demo-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-devel-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-devel-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-headless-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"java-1_7_0-openjdk-headless-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-debugsource-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-demo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-demo-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-devel-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-devel-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-headless-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"java-1_7_0-openjdk-headless-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-debugsource-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-demo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-demo-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-devel-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-devel-debuginfo-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-headless-1.7.0.261-43.38.8\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"java-1_7_0-openjdk-headless-debuginfo-1.7.0.261-43.38.8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1_7_0-openjdk\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-26T14:37:36", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1507 advisory.\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-21T00:00:00", "type": "nessus", "title": "RHEL 7 : java-1.7.0-openjdk (RHSA-2020:1507)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.0-openjdk:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.0-openjdk-demo:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.0-openjdk-devel:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.0-openjdk-javadoc:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.0-openjdk-src:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.0-openjdk-accessibility:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:java-1.7.0-openjdk-headless:*:*:*:*:*:*:*"], "id": "REDHAT-RHSA-2020-1507.NASL", "href": "https://www.tenable.com/plugins/nessus/135768", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1507. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135768);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1507\");\n\n script_name(english:\"RHEL 7 : java-1.7.0-openjdk (RHSA-2020:1507)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1507 advisory.\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415)\n (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2757\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2773\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2800\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-2830\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1507\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823215\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823527\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823694\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1823960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 113, 119, 185, 248, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:java-1.7.0-openjdk-src\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'java-1.7.0-openjdk-1.7.0.261-2.6.22.2.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-1.7.0.261-2.6.22.2.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-accessibility-1.7.0.261-2.6.22.2.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-accessibility-1.7.0.261-2.6.22.2.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-demo-1.7.0.261-2.6.22.2.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-demo-1.7.0.261-2.6.22.2.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-devel-1.7.0.261-2.6.22.2.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-devel-1.7.0.261-2.6.22.2.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-headless-1.7.0.261-2.6.22.2.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-headless-1.7.0.261-2.6.22.2.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-javadoc-1.7.0.261-2.6.22.2.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-src-1.7.0.261-2.6.22.2.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'java-1.7.0-openjdk-src-1.7.0.261-2.6.22.2.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'java-1.7.0-openjdk / java-1.7.0-openjdk-accessibility / etc');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:31:49", "description": "From Red Hat Security Advisory 2020:1507 :\n\nThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1507 advisory.\n\n - OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 6.0}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2020-1507)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-2756", "CVE-2020-2757", "CVE-2020-2773", "CVE-2020-2781", "CVE-2020-2800", "CVE-2020-2803", "CVE-2020-2805", "CVE-2020-2830"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:java-1.7.0-openjdk", "p-cpe:/a:oracle:linux:java-1.7.0-openjdk-accessibility", "p-cpe:/a:oracle:linux:java-1.7.0-openjdk-demo", "p-cpe:/a:oracle:linux:java-1.7.0-openjdk-devel", "p-cpe:/a:oracle:linux:java-1.7.0-openjdk-headless", "p-cpe:/a:oracle:linux:java-1.7.0-openjdk-javadoc", "p-cpe:/a:oracle:linux:java-1.7.0-openjdk-src", "cpe:/o:oracle:linux:7"], "id": "ORACLELINUX_ELSA-2020-1507.NASL", "href": "https://www.tenable.com/plugins/nessus/135950", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1507 and \n# Oracle Linux Security Advisory ELSA-2020-1507 respectively.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135950);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-2756\",\n \"CVE-2020-2757\",\n \"CVE-2020-2773\",\n \"CVE-2020-2781\",\n \"CVE-2020-2800\",\n \"CVE-2020-2803\",\n \"CVE-2020-2805\",\n \"CVE-2020-2830\"\n );\n script_xref(name:\"RHSA\", value:\"2020:1507\");\n script_xref(name:\"IAVA\", value:\"2020-A-0134-S\");\n\n script_name(english:\"Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2020-1507)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2020:1507 :\n\nThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1507 advisory.\n\n - OpenJDK: Incorrect handling of references to\n uninitialized class descriptors during deserialization\n (Serialization, 8224541) (CVE-2020-2756)\n\n - OpenJDK: Uncaught InstantiationError exception in\n ObjectStreamClass (Serialization, 8224549)\n (CVE-2020-2757)\n\n - OpenJDK: Unexpected exceptions raised by\n DOMKeyInfoFactory and DOMXMLSignatureFactory (Security,\n 8231415) (CVE-2020-2773)\n\n - OpenJDK: Re-use of single TLS session for new\n connections (JSSE, 8234408) (CVE-2020-2781)\n\n - OpenJDK: CRLF injection into HTTP headers in HttpServer\n (Lightweight HTTP Server, 8234825) (CVE-2020-2800)\n\n - OpenJDK: Incorrect bounds checks in NIO Buffers\n (Libraries, 8234841) (CVE-2020-2803)\n\n - OpenJDK: Incorrect type checks in\n MethodType.readObject() (Libraries, 8235274)\n (CVE-2020-2805)\n\n - OpenJDK: Regular expression DoS in Scanner (Concurrency,\n 8236201) (CVE-2020-2830)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2020-April/009852.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected java-1.7.0-openjdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-2800\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-2805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.7.0-openjdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-accessibility\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-headless\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:java-1.7.0-openjdk-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-1.7.0.261-2.6.22.2.0.1.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-accessibility-1.7.0.261-2.6.22.2.0.1.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-demo-1.7.0.261-2.6.22.2.0.1.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-devel-1.7.0.261-2.6.22.2.0.1.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-headless-1.7.0.261-2.6.22.2.0.1.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-javadoc-1.7.0.261-2.6.22.2.0.1.el7_8\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"java-1.7.0-openjdk-src-1.7.0.261-2.6.22.2.0.1.el7_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"java-1.7.0-openjdk / java-1.7.0-openjdk-accessibility / etc\");\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-01-25T14:33:55", "description": "Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241.\nDifficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Ja