Vulnerability in the Oracle Java SE Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments typically in clients running sandboxed Java Web Start applications or sandboxed Java applets that load and run untrusted code (e.g. code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component e.g. through a web service which supplies data to the APIs. CVSS 3

🗓️ 26 Jan 2022 08:00:00Reported by MicrosoftType

Unauthenticated remote flaw in Java SE and GraalVM Enterprise Edition may cause partial denial of service.

Reporter	Title	Published	Views	Family All 151
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Java affects IBM Cloud Application Business Insights - Quaterly Java update, CVE-2021-35603 and CVE-2021-35550	30 Dec 202215:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2022 - Includes Oracle® January 2022 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time	22 Jun 202202:20	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands are vulnerable to denial of service due to [CVE-2022-21349]	25 Jul 202313:44	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified in IBM SDK, Java Technology Edition shipped with IBM Robotic Process Automation	20 Jul 202218:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager	22 Jun 202204:07	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring	30 Dec 202217:31	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Java SE affect IBM CICS TX Advanced	14 Feb 202321:04	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities exist in the IBM® SDK, Java™ Technology Edition affecting IBM Tivoli Network Manager	24 May 202210:09	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Controller has addressed multiple vulnerabilities	2 Dec 202219:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities	8 Nov 202216:41	–	ibm

Vulners

Node

microsoft cm1_openjdk8_1.8.0.332-1Range<-

26 Jan 2022 08:00Current

6.7Medium risk

Vulners AI Score6.7

CVSS 25

CVSS 3.15.3

EPSS0.00061

SSVC