Lucene search

K
mageiaGentoo FoundationMGASA-2022-0261
HistoryJul 16, 2022 - 10:58 p.m.

Updated java packages fix security vulnerability

2022-07-1622:58:20
Gentoo Foundation
advisories.mageia.org
51
openjdk
secure validation
apache santuario
libraries
memory allocation
crafted xpath expressions
jaxp
object-to-string conversion
annotationinvocationhandler
missing check
negative objectidentifier
uri parsing inconsistencies
jndi
security
vulnerability

EPSS

0.004

Percentile

75.5%

OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008) (CVE-2022-21476) OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504) (CVE-2022-21426) OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672) (CVE-2022-21434) OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151) (CVE-2022-21443) OpenJDK: URI parsing inconsistencies (JNDI, 8278972) (CVE-2022-21496)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchjava< 1.8.0-openjdk-1.8.0.332.b09-1.1java-1.8.0-openjdk-1.8.0.332.b09-1.1.mga8
Mageia8noarchjava< 11-openjdk-11.0.15.0.10-1java-11-openjdk-11.0.15.0.10-1.mga8
Mageia8noarchtimezone< 2022a-1timezone-2022a-1.mga8